Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <5be58a6e.w0IbLdKsiRknTygq%lkp@intel.com>
Date: Fri, 09 Nov 2018 21:23:58 +0800
From: kernel test robot <lkp@...el.com>
To: Alexander Popov <alex.popov@...ux.com>
Cc: LKP <lkp@...org>, kernel-hardening@...ts.openwall.com,
 linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org,
 Dave Hansen <dave.hansen@...ux.intel.com>,
 Kees Cook <keescook@...omium.org>
Subject: afaef01c00 ("x86/entry: Add STACKLEAK erasing the kernel stack
 .."):  double fault: 0000 [#1]

Greetings,

0day kernel testing robot got the below dmesg and the first bad commit is

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master

commit afaef01c001537fa97a25092d7f54d764dc7d8c1
Author:     Alexander Popov <alex.popov@...ux.com>
AuthorDate: Fri Aug 17 01:16:58 2018 +0300
Commit:     Kees Cook <keescook@...omium.org>
CommitDate: Tue Sep 4 10:35:47 2018 -0700

    x86/entry: Add STACKLEAK erasing the kernel stack at the end of syscalls
    
    The STACKLEAK feature (initially developed by PaX Team) has the following
    benefits:
    
    1. Reduces the information that can be revealed through kernel stack leak
       bugs. The idea of erasing the thread stack at the end of syscalls is
       similar to CONFIG_PAGE_POISONING and memzero_explicit() in kernel
       crypto, which all comply with FDP_RIP.2 (Full Residual Information
       Protection) of the Common Criteria standard.
    
    2. Blocks some uninitialized stack variable attacks (e.g. CVE-2017-17712,
       CVE-2010-2963). That kind of bugs should be killed by improving C
       compilers in future, which might take a long time.
    
    This commit introduces the code filling the used part of the kernel
    stack with a poison value before returning to userspace. Full
    STACKLEAK feature also contains the gcc plugin which comes in a
    separate commit.
    
    The STACKLEAK feature is ported from grsecurity/PaX. More information at:
      https://grsecurity.net/
      https://pax.grsecurity.net/
    
    This code is modified from Brad Spengler/PaX Team's code in the last
    public patch of grsecurity/PaX based on our understanding of the code.
    Changes or omissions from the original code are ours and don't reflect
    the original grsecurity/PaX code.
    
    Performance impact:
    
    Hardware: Intel Core i7-4770, 16 GB RAM
    
    Test #1: building the Linux kernel on a single core
            0.91% slowdown
    
    Test #2: hackbench -s 4096 -l 2000 -g 15 -f 25 -P
            4.2% slowdown
    
    So the STACKLEAK description in Kconfig includes: "The tradeoff is the
    performance impact: on a single CPU system kernel compilation sees a 1%
    slowdown, other systems and workloads may vary and you are advised to
    test this feature on your expected workload before deploying it".
    
    Signed-off-by: Alexander Popov <alex.popov@...ux.com>
    Acked-by: Thomas Gleixner <tglx@...utronix.de>
    Reviewed-by: Dave Hansen <dave.hansen@...ux.intel.com>
    Acked-by: Ingo Molnar <mingo@...nel.org>
    Signed-off-by: Kees Cook <keescook@...omium.org>

57361846b5  Linux 4.19-rc2
afaef01c00  x86/entry: Add STACKLEAK erasing the kernel stack at the end of syscalls
24ccea7e10  Merge tag 'xfs-4.20-fixes-1' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux
442b8cea24  Add linux-next specific files for 20181109
+---------------------------------------------------------------+-----------+------------+------------+---------------+
|                                                               | v4.19-rc2 | afaef01c00 | 24ccea7e10 | next-20181109 |
+---------------------------------------------------------------+-----------+------------+------------+---------------+
| boot_successes                                                | 498       | 171        | 165        | 26            |
| boot_failures                                                 | 0         | 2          | 8          | 1             |
| double_fault:#[##]                                            | 0         | 2          | 8          |               |
| RIP:ftrace_ops_test                                           | 0         | 2          | 8          | 1             |
| WARNING:stack_recursion                                       | 0         | 2          | 8          | 1             |
| WARNING:at(____ptrval____)for_ip_syscall_return_via_sysret/0x | 0         | 2          | 8          | 1             |
| Kernel_panic-not_syncing:Fatal_exception                      | 0         | 2          | 8          | 1             |
+---------------------------------------------------------------+-----------+------------+------------+---------------+

[main] Setsockopt(0 8 68b000 4) on fd 376 [2:1:0]
[main] Setsockopt(29 1a 68b000 2f) on fd 377 [10:2:0]
[main] Setsockopt(1 2c 68b000 4) on fd 379 [2:1:0]
[main] Setsockopt(0 13 68b000 1) on fd 380 [10:1:0]
[main] 375 sockets created based on info from socket cachefile.
[  127.808225] double fault: 0000 [#1]
[  127.808695] CPU: 0 PID: 414 Comm: trinity-main Tainted: G                T 4.19.0-rc2-00001-gafaef01 #1
[  127.809799] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
[  127.810760] RIP: 0010:ftrace_ops_test+0x27/0xa0
[  127.811289] Code: eb 9a 90 41 54 55 49 89 f4 53 48 89 d3 48 89 fd 48 81 ec b0 00 00 00 65 48 8b 04 25 28 00 00 00 48 89 84 24 a8 00 00 00 31 c0 <e8> 54 df ff ff 48 85 db 74 57 e8 4a df ff ff 48 8b 85 d0 00 00 00
[  127.813385] RSP: 0018:fffffe0000001fb8 EFLAGS: 00010046
[  127.813991] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000800
[  127.814802] RDX: 0000000000000000 RSI: ffffffff811c4560 RDI: ffff8800158c2d20
[  127.815652] RBP: ffff8800158c2d20 R08: 0000000000000000 R09: 0000000000000000
[  127.816494] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff811c4560
[  127.817357] R13: 0000000000000000 R14: ffffffff82400160 R15: 0000000000000800
[  127.818178] FS:  00007fac9f0de700(0000) GS:ffffffff83044000(0000) knlGS:0000000000000000
[  127.819099] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  127.819762] CR2: fffffe0000001fa8 CR3: 000000001579a000 CR4: 00000000000006b0
[  127.820583] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  127.821406] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  127.822234] Call Trace:
[  127.822530]  <ENTRY_TRAMPOLINE>
[  127.822914]  ? __ia32_sys_rseq+0x2f0/0x2f0
[  127.823395]  ftrace_ops_list_func+0xa5/0x1b0
[  127.823922]  ftrace_call+0x5/0x34
[  127.824318]  ? stackleak_erase+0x5/0xf0
[  127.824789]  ? stackleak_erase+0x43/0xf0
[  127.825260]  stackleak_erase+0x5/0xf0
[  127.825699]  syscall_return_via_sysret+0x61/0x81
[  127.826238] WARNING: stack recursion on stack type 4
[  127.826243] WARNING: can't dereference registers at (____ptrval____) for ip syscall_return_via_sysret+0x61/0x81
[  127.826246]  </ENTRY_TRAMPOLINE>
[  127.828342] ---[ end trace e9f96d3f45575499 ]---
[  127.828911] RIP: 0010:ftrace_ops_test+0x27/0xa0

                                                          # HH:MM RESULT GOOD BAD GOOD_BUT_DIRTY DIRTY_NOT_BAD
git bisect start 651022382c7f8da46cb4872a545ee1da6d097d2a v4.19 --
git bisect good 685f7e4f161425b137056abe35ba8ef7b669d83d  # 14:15  G    167     0    0   0  Merge tag 'powerpc-4.20-1' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux
git bisect good 519f64bf15dccb4f64af34b74ed186c32363ab59  # 14:45  G    157     0    0   0  Merge tag 'clk-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux
git bisect  bad 63c6e188f639b5828bf744e675270bb5e2adc139  # 14:59  B      0     1   15   0  Merge tag 'riscv-for-linus-4.20-mw3' of git://git.kernel.org/pub/scm/linux/kernel/git/palmer/riscv-linux
git bisect good 82aa4671516a3203261c835e98c3eecab10c994d  # 16:03  G    158     0    0   0  Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
git bisect  bad 34c7685a177a7bc98066f7e5daa42eef621d0bdb  # 16:31  B     27     1    0   0  Merge tag 'devicetree-fixes-for-4.20-1' of git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux
git bisect  bad 2d6bb6adb714b133db92ccd4bfc9c20f75f71f3f  # 17:08  B     32     1    0   0  Merge tag 'stackleak-v4.20-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
git bisect good 6444ccfd699cda8db5edaac7fa469d6a29aa9a47  # 18:02  G    162     0    0   0  Merge branch 'for-4.20' of git://git.kernel.org/pub/scm/linux/kernel/git/dennis/percpu
git bisect good 7c6c54b505b8aea1782ce6a6e8f3b8297d179937  # 18:32  G    161     0    0   0  Merge branch 'i2c/for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux
git bisect  bad c8d126275a5fa59394fe17109bdb9812fed296b8  # 18:55  B     10     3    0   0  fs/proc: Show STACKLEAK metrics in the /proc file system
git bisect  bad 10e9ae9fabaf96c8e5227c1cd4827d58b3aa406d  # 19:15  B     13     3    0   0  gcc-plugins: Add STACKLEAK plugin for tracking the kernel stack
git bisect  bad afaef01c001537fa97a25092d7f54d764dc7d8c1  # 19:33  B     15     1    0   0  x86/entry: Add STACKLEAK erasing the kernel stack at the end of syscalls
# first bad commit: [afaef01c001537fa97a25092d7f54d764dc7d8c1] x86/entry: Add STACKLEAK erasing the kernel stack at the end of syscalls
git bisect good 57361846b52bc686112da6ca5368d11210796804  # 20:29  G    475     0    0   0  Linux 4.19-rc2
# extra tests with debug options
git bisect  bad afaef01c001537fa97a25092d7f54d764dc7d8c1  # 20:47  B     44     2    0   0  x86/entry: Add STACKLEAK erasing the kernel stack at the end of syscalls
# extra tests on HEAD of linux-devel/devel-spot-201811090824
git bisect  bad 8992397c6e1a0adf719e7263a0c965fce4629b15  # 20:47  B     59     2    0   0  0day head guard for 'devel-spot-201811090824'
# extra tests on tree/branch linus/master
git bisect  bad 24ccea7e102de8cbc93ab3befb123bbd18532be9  # 21:06  B     10     1    0   0  Merge tag 'xfs-4.20-fixes-1' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux
# extra tests on tree/branch linux-next/master
git bisect  bad 442b8cea2477fa95c22f28ca982addb5bc6b0845  # 21:22  B     22     1    0   0  Add linux-next specific files for 20181109

---
0-DAY kernel test infrastructure                Open Source Technology Center
https://lists.01.org/pipermail/lkp                          Intel Corporation

Download attachment "dmesg-quantal-lkp-kboot01-43:20181109194049:x86_64-randconfig-g0-11091005:4.19.0-rc2-00001-gafaef01:1.gz" of type "application/gzip" (20088 bytes)

View attachment "reproduce-quantal-lkp-kboot01-43:20181109194049:x86_64-randconfig-g0-11091005:4.19.0-rc2-00001-gafaef01:1" of type "text/plain" (912 bytes)

View attachment "config-4.19.0-rc2-00001-gafaef01" of type "text/plain" (114761 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.