Greetings,
0day kernel testing robot got the below dmesg and the first bad commit is
https://github.com/0day-ci/linux/commits/Masami-Hiramatsu/kprobes-x86-Do-...
commit cca5328fff71092ac073c929dcc659f5c24fcb57
Author: Masami Hiramatsu <mhiramat(a)kernel.org>
AuthorDate: Tue Jul 25 23:54:49 2017 +0900
Commit: 0day robot <fengguang.wu(a)intel.com>
CommitDate: Thu Jul 27 04:20:04 2017 +0800
kprobes/x86: Do not jump-optimize kprobes on irq entry code
Since the kernel segment registers are not prepared at the
entry of irq-entry code, if a kprobe on such code is
jump-optimized, accessing per-cpu variables may cause
kernel panic.
However, if the kprobe is not optimized, it kicks int3
exception and sets segment registers correctly.
This checks probe-address and if it is in irq-entry code,
it prohibits optimizing such kprobes. This means we can
continue probing such interrupt handlers by kprobes
but it is not optimized anymore.
Signed-off-by: Masami Hiramatsu <mhiramat(a)kernel.org>
Reported-by: Francis Deslauriers <francis.deslauriers(a)efficios.com>
Tested-by: Francis Deslauriers <francis.deslauriers(a)efficios.com>
6602ec8ef2 Merge branch 'x86/syscall'
cca5328fff kprobes/x86: Do not jump-optimize kprobes on irq entry code
cca5328fff kprobes/x86: Do not jump-optimize kprobes on irq entry code
+------------------------------------------+------------+------------+------------+
| | 6602ec8ef2 | cca5328fff | cca5328fff |
+------------------------------------------+------------+------------+------------+
| boot_successes | 37 | 4 | 4 |
| boot_failures | 0 | 11 | 11 |
| BUG:unable_to_handle_kernel | 0 | 11 | 11 |
| Oops:#[##] | 0 | 11 | 11 |
| EIP:smp_apic_timer_interrupt | 0 | 11 | 11 |
| Kernel_panic-not_syncing:Fatal_exception | 0 | 11 | 11 |
+------------------------------------------+------------+------------+------------+
[ 9.580373] Freeing unused kernel memory: 880K
[ 9.581785] Write protecting the kernel text: 13908k
[ 9.583078] Write protecting the kernel read-only data: 5328k
[ 9.584029] NX-protecting the kernel data: 12716k
[ 9.590021] kernel tried to execute NX-protected page - exploit attempt? (uid: 0)
[ 9.591146] BUG: unable to handle kernel paging request at 41d95660
[ 9.592077] IP: smp_apic_timer_interrupt+0x0/0x90
[ 9.592764] *pdpt = 0000000002873001 *pde = 000000000e27f063
[ 9.592775] *pte = 8000000001d95161
[ 9.593614]
[ 9.594386] Oops: 0011 [#1] PREEMPT
[ 9.594903] Modules linked in:
[ 9.595376] CPU: 0 PID: 88 Comm: kworker/u2:1 Not tainted 4.13.0-rc1-00476-gcca5328f #1
[ 9.596534] Workqueue: events_unbound call_usermodehelper_exec_work
[ 9.597449] task: 4eb543c0 task.stack: 40354000
[ 9.598136] EIP: smp_apic_timer_interrupt+0x0/0x90
[ 9.598834] EFLAGS: 00010046 CPU: 0
[ 9.599359] EAX: 40355da8 EBX: 4eb543c0 ECX: 568f137d EDX: 00000000
[ 9.600270] ESI: 00000246 EDI: 00000000 EBP: 40355da9 ESP: 40355da4
[ 9.601183] DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 0068
[ 9.601972] CR0: 80050033 CR2: 41d95660 CR3: 0e277380 CR4: 001406b0
[ 9.602879] Call Trace:
[ 9.603271] ? apic_timer_interrupt+0x34/0x40
[ 9.603923] ? lock_acquire+0x181/0x3e0
[ 9.604502] ? _do_fork+0x129/0x1270
[ 9.605044] copy_process+0x17d9/0x3540
[ 9.605611] ? _do_fork+0x129/0x1270
[ 9.606152] ? call_usermodehelper_exec_work+0x210/0x210
[ 9.606925] ? call_usermodehelper_exec_work+0x210/0x210
[ 9.607706] _do_fork+0x129/0x1270
[ 9.608261] ? find_held_lock+0x35/0x120
[ 9.608883] ? _raw_spin_unlock_irq+0x60/0x140
[ 9.609545] ? _raw_spin_unlock_irq+0xe3/0x140
[ 9.610203] ? call_usermodehelper_exec_work+0x210/0x210
[ 9.610984] kernel_thread+0x2f/0x50
[ 9.611517] call_usermodehelper_exec_work+0x117/0x210
[ 9.612273] process_one_work+0x482/0x1220
[ 9.612881] worker_thread+0x4bf/0xcd0
[ 9.613449] kthread+0x22d/0x240
[ 9.613932] ? rescuer_thread+0x760/0x760
[ 9.614531] ? kthread_create_on_node+0x40/0x40
[ 9.615202] ret_from_fork+0x19/0x30
[ 9.615738] Code: 00 e9 94 fc ff ff 90 8d 74 26 00 83 05 30 79 89 42 01 83 15 34 79 89 42 00 e9 9c fa ff ff 66 90 66 90 66 90 66 90 66 90 66 90 90 <55> 89 e5 53 e8 b7 f9 2f ff 83 05 e0 21 8b 42 01 83 15 e4 21 8b
[ 9.618682] EIP: smp_apic_timer_interrupt+0x0/0x90 SS:ESP: 0068:40355da4
[ 9.619652] CR2: 0000000041d95660
[ 9.620159] ---[ end trace 34f2ec2abdc6981f ]---
[ 9.620830] Kernel panic - not syncing: Fatal exception
# HH:MM RESULT GOOD BAD GOOD_BUT_DIRTY DIRTY_NOT_BAD
git bisect start 5aa13720b4e8193e7e17684e311aaa767c60a045 520eccdfe187591a51ea9ab4c1a024ae4d0f68d9 --
git bisect bad 74181619cc38913dd8618b0184296745311aca18 # 23:59 B 0 11 24 0 Merge 'linux-review/Alan-Swanson/uas-Add-US_FL_IGNORE_RESIDUE-for-Initio-Copropration-INIC-3069/20170726-144827' into devel-spot-201707272151
git bisect good b32a65ce67e10cf67c79e75c4b6219d54724984c # 00:15 G 11 0 0 0 Merge 'linux-review/Arnd-Bergmann/ARM-sa1100-pxa-fix-MTD_XIP-build/20170727-100109' into devel-spot-201707272151
git bisect bad 9363d55b4d9f80de09ebf33da6a989d201b79c89 # 00:24 B 0 11 24 0 Merge 'linux-review/Thierry-Escande/v4l2-Add-support-for-go2001-PCI-codec-driver/20170727-033126' into devel-spot-201707272151
git bisect good 656c654719df9427530479ba35f02b3ac8b466c7 # 00:36 G 10 0 0 0 Merge 'linux-review/Jan-Glauber/Cavium-ARM64-uncore-PMU-support/20170727-053306' into devel-spot-201707272151
git bisect good 6cd4cd6f7c11903ea68ecc61603d9b5fe3772bb1 # 00:47 G 11 0 0 0 Merge 'linux-review/Suravee-Suthikulpanit/x86-amd-Only-fixup-cpu_core_id-for-pre-family17h/20170727-043122' into devel-spot-201707272151
git bisect bad f2fb0e34149d8bc5542759afb410a7cfaf68134f # 00:56 B 0 11 24 0 Merge 'linux-review/Masami-Hiramatsu/kprobes-x86-Do-not-jump-optimize-kprobes-on-irq-entry-code/20170727-041957' into devel-spot-201707272151
git bisect good d61b4da099038f1ebec535c160a0336e6972b0e8 # 01:05 G 11 0 0 0 Merge 'linux-review/Shaokun-Zhang/Add-HiSilicon-SoC-uncore-Performance-Monitoring-Unit-driver/20170727-042522' into devel-spot-201707272151
git bisect bad cca5328fff71092ac073c929dcc659f5c24fcb57 # 01:17 B 0 11 24 0 kprobes/x86: Do not jump-optimize kprobes on irq entry code
# first bad commit: [cca5328fff71092ac073c929dcc659f5c24fcb57] kprobes/x86: Do not jump-optimize kprobes on irq entry code
git bisect good 6602ec8ef2244e2d75d2a3b2e10f09469b9e319f # 01:28 G 33 0 0 0 Merge branch 'x86/syscall'
# extra tests with CONFIG_DEBUG_INFO_REDUCED
git bisect bad cca5328fff71092ac073c929dcc659f5c24fcb57 # 01:39 B 0 11 24 0 kprobes/x86: Do not jump-optimize kprobes on irq entry code
# extra tests on HEAD of linux-devel/devel-spot-201707272151
git bisect bad 5aa13720b4e8193e7e17684e311aaa767c60a045 # 01:39 B 0 21 39 1 0day head guard for 'devel-spot-201707272151'
# extra tests on tree/branch linux-review/Masami-Hiramatsu/kprobes-x86-Do-not-jump-optimize-kprobes-on-irq-entry-code/20170727-041957
git bisect bad cca5328fff71092ac073c929dcc659f5c24fcb57 # 01:41 B 0 11 25 0 kprobes/x86: Do not jump-optimize kprobes on irq entry code
# extra tests with first bad commit reverted
git bisect good c5f19e45449e6de96a66e2ba11e393276cd0cc0e # 02:03 G 10 0 0 0 Revert "kprobes/x86: Do not jump-optimize kprobes on irq entry code"
---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/lkp Intel Corporation