From: "Luis R. Rodriguez" <mcgrof@kernel.org>
To: Kees Cook <keescook@chromium.org>
Cc: Stephen Smalley <sds@tycho.nsa.gov>,
	Ingo Molnar <mingo@kernel.org>,
	Andy Lutomirski <luto@amacapital.net>,
	Michal Hocko <mhocko@kernel.org>,
	Andrew Morton <akpm@linux-foundation.org>,
	"Eric W. Biederman" <ebiederm@xmission.com>,
	Mateusz Guzik <mguzik@redhat.com>,
	LKML <linux-kernel@vger.kernel.org>
Subject: Re: next-20170515: WARNING: CPU: 0 PID: 1 at arch/x86/mm/dump_pagetables.c:236 note_page+0x630/0x7e0
Date: Mon, 15 May 2017 16:45:21 -0700
Message-ID: <CAB=NE6WAsJtpssSu-j_A93cWF==3NyHD_0f6N0-1OgKThwmwGg@mail.gmail.com>
In-Reply-To: <CAGXu5j+2Vgi77xvgOvnSKnEHPooJDPO3sWPbBWY-spfK=kWj7Q@mail.gmail.com>

On Mon, May 15, 2017 at 3:57 PM, Kees Cook <keescook@chromium.org> wrote:
> On Mon, May 15, 2017 at 3:15 PM, Luis R. Rodriguez <mcgrof@kernel.org> wrote:
>> On Tue, May 16, 2017 at 12:06:50AM +0200, Luis R. Rodriguez wrote:
>>> Using QEMU emulator version 2.7.94 (v2.8.0-rc4-dirty)
>>>
>>> I will try updating my distro package for qemu and see if perhaps it's this
>>> and for the other odd fork issue I reported [0].
>>>
>>> [0] https://lkml.kernel.org/r/CAB=NE6VZXq3y-3pfouYTBUco2Cq2xqoLZrgDFdVx+_=_=SwG_Q@mail.gmail.com
>>
>> Yeah nope, using my distribution latest:
>>
>> QEMU emulator version 2.8.0(openSUSE Tumbleweed)
>>
>> And still both issues are present.
>>
>>   Luis
>
> Can you enable CONFIG_X86_PTDUMP=y and then find out what is located
> at ffffffffc0288000 via /sys/kernel/debug/kernel_page_tables ?

Sure thing.

Recompiled with this enabled, new warning:

[    0.891559] x86/mm: Found insecure W+X mapping at address ffffffffc00e4000/0xffffffffc00e4000
[    0.892394] ------------[ cut here ]------------
[    0.892834] WARNING: CPU: 0 PID: 1 at arch/x86/mm/dump_pagetables.c:236 note_page+0x630/0x7e0
[    0.893674] Modules linked in:
[    0.893972] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.12.0-rc1-next-20170515+ #145
[    0.894687] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.10.2-0-g5f4c7b1-prebuilt.qemu-project.org 04/01/2014
[    0.895828] task: ffff8ed7fa5ccc80 task.stack: ffffae3900630000
[    0.896403] RIP: 0010:note_page+0x630/0x7e0
[    0.896780] RSP: 0018:ffffae3900633df0 EFLAGS: 00010286
[    0.897271] RAX: 0000000000000051 RBX: ffffae3900633e88 RCX: ffffffff9b456708
[    0.897940] RDX: 0000000000000000 RSI: 0000000000000096 RDI: 0000000000000246
[    0.898624] RBP: ffffae3900633e28 R08: 203a6d6d2f363878 R09: 0000000000000165
[    0.899314] R10: ffffae3900633dd8 R11: 736e6920646e756f R12: 0000000000000000
[    0.899987] R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000
[    0.900629] FS:  0000000000000000(0000) GS:ffff8ed7ffc00000(0000) knlGS:0000000000000000
[    0.901398] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    0.901908] CR2: 0000000000000000 CR3: 0000000118009000 CR4: 00000000000006f0
[    0.902590] Call Trace:
[    0.902827]  ptdump_walk_pgd_level_core+0x3e7/0x490
[    0.903274]  ? 0xffffffff9a800000
[    0.903595]  ptdump_walk_pgd_level_checkwx+0x17/0x20
[    0.904064]  mark_rodata_ro+0xf4/0x100
[    0.904423]  ? rest_init+0x80/0x80
[    0.904744]  kernel_init+0x2f/0x100
[    0.905068]  ret_from_fork+0x2c/0x40
[    0.905393] Code: 48 c7 43 28 00 00 00 00 48 89 43 20 e9 05 fd ff ff 48 8b 73 10 48 c7 c7 28 36 1e 9b c6 05 c8 eb bc 00 01 48 89 f2 e8 cd fc 11 00 <0f> ff e9 1f fa ff ff 48 8b 70 20 48 c7 c7 65 b2 1e 9b e8 b6 fc
[    0.907173] ---[ end trace 878b39cb0c248e66 ]---
[    0.907655] x86/mm: Checked W+X mappings: FAILED, 1 W+X pages found.

And ffffffffc00e4000 is:

---[ Modules ]---
0xffffffffc0000000-0xffffffffc00e4000         912K           pte
0xffffffffc00e4000-0xffffffffc00e5000           4K     RW    GLB x  pte
In case someone needs the full /sys/kernel/debug/kernel_page_tables file:

http://drvbp1.linux-foundation.org/~mcgrof/2017/05/15/kernel_page_tables/piggy-4.12.0-rc1-next-20170515-page-tables.txt

 Luis
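
Added example, not part of the original message and not kernel code: a small parser that does the lookup discussed above over a saved copy of /sys/kernel/debug/kernel_page_tables, reporting every range that is both writable (RW) and executable (x rather than NX). The function name find_wx and the sample text are assumptions; the sample is constructed from the two Modules rows quoted in the message plus one made-up read-only NX row.

```python
import re

# Constructed sample in the ptdump text format. The first two rows are the
# ones quoted in the message; the third (ro + NX) row is made up for contrast.
SAMPLE = """\
---[ Modules ]---
0xffffffffc0000000-0xffffffffc00e4000         912K           pte
0xffffffffc00e4000-0xffffffffc00e5000           4K     RW    GLB x  pte
0xffffffffc00e5000-0xffffffffc00e6000           4K     ro    GLB NX pte
"""

SECTION = re.compile(r"^---\[ (.+) \]---$")
# start-end, a size with a unit letter, then flag tokens ending in the level.
ROW = re.compile(r"^0x([0-9a-f]+)-0x([0-9a-f]+)\s+\d+[BKMGTPE]\s+(.*)$")
PAGE_SIZE = 4096  # assumption: report in 4K pages, as the W+X check does


def find_wx(text):
    """Return [(section, start, end, pages)] for ranges mapped RW and x."""
    section, hits = None, []
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION.match(line)
        if m:
            section = m.group(1)  # remember which region the rows belong to
            continue
        m = ROW.match(line)
        if not m:
            continue
        flags = m.group(3).split()
        # Non-present ranges carry only the level token (e.g. "pte"), so they
        # never match. Exact token comparison keeps "NX" from matching "x".
        if "RW" in flags and "x" in flags:
            start, end = int(m.group(1), 16), int(m.group(2), 16)
            hits.append((section, start, end, (end - start) // PAGE_SIZE))
    return hits


if __name__ == "__main__":
    for section, start, end, pages in find_wx(SAMPLE):
        print(f"W+X in {section}: {start:#x}-{end:#x} ({pages} page(s))")
```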
