From: Dmitry Vyukov <dvyukov@google.com>
To: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
Cc: Mimi Zohar <zohar@linux.ibm.com>,
	linux-integrity@vger.kernel.org, James Morris <jmorris@namei.org>,
	"Serge E . Hallyn" <serge@hallyn.com>,
	linux-security-module <linux-security-module@vger.kernel.org>,
	LKML <linux-kernel@vger.kernel.org>,
	Eric Biggers <ebiggers@kernel.org>
Subject: Re: [RFC PATCH 2/2] integrity: double check iint_cache was initialized
Date: Mon, 22 Mar 2021 08:53:47 +0100
Message-ID: <CACT4Y+bvakfNhVs29QvbY6Z8Pw0zmAUKGWM-DD5DcPZW5ny90A@mail.gmail.com>
In-Reply-To: <8450c80a-104a-3f36-0963-0ae8fa69e0f2@i-love.sakura.ne.jp>

On Mon, Mar 22, 2021 at 8:11 AM Tetsuo Handa
<penguin-kernel@i-love.sakura.ne.jp> wrote:
>
> On 2021/03/20 5:03, Mimi Zohar wrote:
> > The integrity's "iint_cache" is initialized at security_init().  Only
> > after an IMA policy is loaded, which is initialized at late_initcall,
> > is a file's integrity status stored in the "iint_cache".
> >
> > All integrity_inode_get() callers first verify that the IMA policy has
> > been loaded, before calling it.  Yet for some reason, it is still being
> > called, causing a NULL pointer dereference.
> >
> > As reported by Dmitry Vyukov:
> > in qemu:
> > qemu-system-x86_64       -enable-kvm     -machine q35,nvdimm -cpu
> > max,migratable=off -smp 4       -m 4G,slots=4,maxmem=16G        -hda
> > wheezy.img      -kernel arch/x86/boot/bzImage   -nographic -vga std
> >  -soundhw all     -usb -usbdevice tablet  -bt hci -bt device:keyboard
> >    -net user,host=10.0.2.10,hostfwd=tcp::10022-:22 -net
> > nic,model=virtio-net-pci   -object
> > memory-backend-file,id=pmem1,share=off,mem-path=/dev/zero,size=64M
> >   -device nvdimm,id=nvdimm1,memdev=pmem1  -append "console=ttyS0
> > root=/dev/sda earlyprintk=serial rodata=n oops=panic panic_on_warn=1
> > panic=86400 lsm=smack numa=fake=2 nopcid dummy_hcd.num=8"   -pidfile
> > vm_pid -m 2G -cpu host
> >
>
> I tried a similar command line (without "-enable-kvm" and without "-cpu host"
> as I'm running from VMware, without "-soundhw all", without "-machine q35,nvdimm"
> and "-device nvdimm,id=nvdimm1,memdev=pmem1" etc.) on 5.12-rc4. While I was finally
> able to hit a similar crash when I used "-smp 1" instead of "-smp 4", I suspect
> this is not an integrity module's problem but a memory initialization/corruption
> problem, for I got various different crashes (INT3) at memory allocation when
> I was trimming command line options trying to reproduce the same crash.
>
> Dmitry, do you get different crashes by changing command line arguments?

No, I have not seen any other crashes, only the reported one.
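The quoted commit message describes two separate guards: every integrity_inode_get() caller checks that an IMA policy is loaded, and the patch under discussion adds a second check that iint_cache itself exists. The following is an added userspace model of that ordering hazard, written for this page; it is not the kernel's code or the patch itself. The slab stand-ins (kmem_cache_create, kmem_cache_zalloc), the ima_measure_inode() caller and model_boot_sequence() are hypothetical simplifications, and the inode number 42 is a constructed input.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed userspace model (not kernel code) of the init-ordering hazard
 * discussed in the thread: the iint_cache slab is created at security_init()
 * time, the IMA policy is loaded much later at late_initcall, and the report
 * is a NULL pointer dereference when the cache is used before it exists. */

struct kmem_cache {
	size_t object_size;
};

struct integrity_iint_cache {
	unsigned long ino;
	unsigned int flags;
};

/* Hypothetical minimal stand-ins for the kernel slab API. */
static struct kmem_cache *kmem_cache_create(size_t object_size)
{
	struct kmem_cache *c = calloc(1, sizeof(*c));

	if (c)
		c->object_size = object_size;
	return c;
}

static void *kmem_cache_zalloc(struct kmem_cache *c)
{
	return calloc(1, c->object_size);
}

static struct kmem_cache *iint_cache;	/* NULL until integrity_iintcache_init() */
static bool ima_policy_loaded;		/* set when the IMA policy is loaded */

void integrity_iintcache_init(void)
{
	iint_cache = kmem_cache_create(sizeof(struct integrity_iint_cache));
}

void ima_init_policy(void)
{
	ima_policy_loaded = true;
}

/* Callee-side guard ("double check iint_cache was initialized"): return NULL
 * instead of dereferencing a cache pointer that has not been set up yet. */
struct integrity_iint_cache *integrity_inode_get(unsigned long ino)
{
	struct integrity_iint_cache *iint;

	if (!iint_cache)
		return NULL;

	iint = kmem_cache_zalloc(iint_cache);
	if (!iint)
		return NULL;
	iint->ino = ino;
	return iint;
}

/* Caller-side check: integrity_inode_get() callers first verify that an IMA
 * policy has been loaded. Returns 1 if an iint was obtained, 0 if the call
 * was skipped because no policy is loaded, -1 if the getter failed. */
int ima_measure_inode(unsigned long ino)
{
	struct integrity_iint_cache *iint;

	if (!ima_policy_loaded)
		return 0;
	iint = integrity_inode_get(ino);
	if (!iint)
		return -1;
	free(iint);
	return 1;
}

/* Drives the model's boot order and returns a bitmask of observed results:
 * bit 0: caller check skipped the call before a policy was loaded,
 * bit 1: callee guard returned NULL while iint_cache was still unset,
 * bit 2: normal path succeeded once both initializations have run. */
int model_boot_sequence(void)
{
	int result = 0;

	if (ima_measure_inode(42) == 0)
		result |= 1;
	if (integrity_inode_get(42) == NULL)
		result |= 2;
	integrity_iintcache_init();
	ima_init_policy();
	if (ima_measure_inode(42) == 1)
		result |= 4;
	return result;
}

int main(void)
{
	printf("boot sequence result mask: %d\n", model_boot_sequence());
	return 0;
}
```

The point of the model is that the caller-side policy check alone leaves a window: if anything reaches integrity_inode_get() before security_init() has created the slab, the unguarded kernel version dereferences a NULL cache pointer, which is the crash reported above. The callee-side guard turns that into a NULL return the caller can handle.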


Thread overview: 19+ messages
2021-03-19 20:03 [RFC PATCH 1/2] ima: don't access a file's integrity status before an IMA policy is loaded Mimi Zohar
2021-03-19 20:03 ` [RFC PATCH 2/2] integrity: double check iint_cache was initialized Mimi Zohar
2021-03-22  7:10   ` Tetsuo Handa
2021-03-22  7:53     ` Dmitry Vyukov [this message]
2021-03-23  1:46       ` Tetsuo Handa
2021-03-23 12:09         ` Mimi Zohar
2021-03-23 13:37           ` Tetsuo Handa
2021-03-23 14:01             ` Tetsuo Handa
2021-03-23 14:47               ` Mimi Zohar
2021-03-23 15:14                 ` Tetsuo Handa
2021-03-23 16:13                   ` Mimi Zohar
2021-03-24 10:10                     ` Tetsuo Handa
2021-03-24 11:10                       ` Mimi Zohar
2021-03-24 11:20                         ` Tetsuo Handa
2021-03-24 11:37                           ` Dmitry Vyukov
2021-03-24 11:49                             ` Mimi Zohar
2021-03-24 11:58                               ` Dmitry Vyukov
2021-03-24 12:17                                 ` Mimi Zohar
2021-03-24 15:56                                 ` Casey Schaufler
