2011-05-30 12:55:52

by Robert Święcki

[permalink] [raw]
Subject: Invalid credentials ( __validate_creds()) due to cred->magic == "DeaD" from sys_clone() (2.6.39 PREEMPT SMP SELinux kernel)

Just some initial data:


=====================================================================
KDB
=====================================================================

<3>[49754.391126] CRED: Invalid credentials
<3>[49754.394811] CRED: At include/linux/cred.h:260
<3>[49754.399181] CRED: Specified credentials: ffff8801156c8b00
<3>[49754.404676] CRED: ->magic=44656144, put_addr=ffffffff81166dc5
<3>[49754.410430] CRED: ->usage=0, subscr=0
<3>[49754.414102] CRED: ->*uid = { 65534,65534,65534,65534 }
<3>[49754.419250] CRED: ->*gid = { 65534,65534,65534,65534 }
<3>[49754.424397] CRED: ->security is ffff8801113069c0
<3>[49754.429021] CRED: ->security {1, 1}

[1]kdb> bt
Stack traceback for pid 16009
0xffff880115819770 16009 8897 1 1 R 0xffff880115819bf0 *iknowthis2
<c> ffff88012bc43e00<c> 0000000000000000<c> ffff880100000104<c>
ffffffff8267436f<c>
<c> ffffffff81b611cd<c> ffff8801156c8b00<c> ffff88012bc43e40<c>
ffffffff81166d8e<c>
<c> ffff8801156c8b00<c> ffff880121e13540<c> ffff88012bc43e60<c>
ffffffff81166db3<c>
Call Trace:
<IRQ> [<ffffffff81b611cd>] ? wq_free_rcu+0x12/0x14
[<ffffffff81166d8e>] ? __validate_creds.clone.9+0x2d/0x32
[<ffffffff81166db3>] ? file_free_rcu+0x20/0x46
[<ffffffff810eeb82>] ? __rcu_process_callbacks+0x18d/0x2af
[<ffffffff810eed24>] ? rcu_process_callbacks+0x80/0x87
[<ffffffff8109c013>] ? __do_softirq+0xeb/0x1cc
[<ffffffff81044977>] ? native_sched_clock+0x35/0x37
[<ffffffff810b67dd>] ? sched_clock_local+0x12/0x75
[<ffffffff81edbd9c>] ? call_softirq+0x1c/0x30
[<ffffffff81040510>] ? do_softirq+0x4b/0x9f
[<ffffffff8109c380>] ? irq_exit+0x5f/0xb6
[<ffffffff81edc6d1>] ? smp_apic_timer_interrupt+0x7d/0x8b
[<ffffffff81edb553>] ? apic_timer_interrupt+0x13/0x20
<EOI> [<ffffffff81093f75>] ? dup_mm+0x1f2/0x468
[<ffffffff81151cdb>] ? arch_local_irq_restore+0x6/0xd
[<ffffffff81154ceb>] ? __slab_alloc.clone.36+0xf0/0x38b
[<ffffffff81093f75>] ? dup_mm+0x1f2/0x468
[<ffffffff81155143>] ? kmem_cache_alloc+0x4a/0xe7
[<ffffffff8135b0ce>] ? selinux_vm_enough_memory+0x48/0x4d
[<ffffffff81093f75>] ? dup_mm+0x1f2/0x468
[<ffffffff81094c56>] ? copy_process+0xa3e/0x1230
[<ffffffff81095592>] ? do_fork+0x10f/0x29d
[<ffffffff813d8dba>] ? trace_hardirqs_off_thunk+0x3a/0x6c
[<ffffffff8107e5b9>] ? sys32_clone+0x26/0x28
[<ffffffff81edc585>] ? ia32_ptregs_common+0x25/0x4b

kdb> summary

sysname Linux
release 2.6.39
version #3 SMP PREEMPT Fri May 27 15:27:03 CEST 2011
machine x86_64
nodename ise-test
domainname (none)
ccversion CCVERSION
date 2011-05-28 03:20:03 tz_minuteswest -120
uptime 13:49
load avg 19.38 20.17 22.96

MemTotal: 993059 kB
MemFree: 458493 kB
Buffers: 23981 kB


=====================================================================
KGDB
=====================================================================

(gdb) bt
#0 __invalid_creds (cred=0xffff8801156c8b00, file=<value optimized
out>, line=<value optimized out>)
at kernel/cred.c:812
#1 0xffffffff81166d8e in __validate_creds (cred=0xffff8801156c8b00, line=260,
file=0xffffffff8267436f "include/linux/cred.h") at include/linux/cred.h:186
#2 0xffffffff81166db3 in put_cred (head=<value optimized out>) at
include/linux/cred.h:260
#3 file_free_rcu (head=<value optimized out>) at fs/file_table.c:49
#4 0xffffffff810eeb82 in rcu_do_batch (rsp=0xffffffff82a2f500,
rdp=0xffff88012bc502f0) at kernel/rcutree.c:1146
#5 __rcu_process_callbacks (rsp=0xffffffff82a2f500,
rdp=0xffff88012bc502f0) at kernel/rcutree.c:1386
#6 0xffffffff810eed24 in rcu_preempt_process_callbacks (unused=<value
optimized out>) at kernel/rcutree_plugin.h:544
#7 rcu_process_callbacks (unused=<value optimized out>) at
kernel/rcutree.c:1404
#8 0xffffffff8109c013 in __do_softirq () at kernel/softirq.c:238
#9 0xffffffff81edbd9c in ?? () at arch/x86/kernel/entry_64.S:1210
#10 0xffffffff81040510 in do_softirq () at arch/x86/kernel/irq_64.c:80
#11 0xffffffff8109c380 in invoke_softirq () at kernel/softirq.c:325
#12 irq_exit () at kernel/softirq.c:340
#13 0xffffffff81edc6d1 in smp_apic_timer_interrupt (regs=<value
optimized out>) at arch/x86/kernel/apic/apic.c:861
#14 <signal handler called>
#15 0x00cf9b000000ffff in __brk_reservation_fn_dmi_alloc__ ()
Cannot access memory at address 0xcffb000000ffff

Cannot access memory at address 0xcffb000000ffff
(gdb) up
#1 0xffffffff81166d8e in __validate_creds (cred=0xffff8801156c8b00, line=260,
file=0xffffffff8267436f "include/linux/cred.h") at include/linux/cred.h:186
186 __invalid_creds(cred, file, line);
(gdb) p *cred
$1 = {usage = {counter = 0}, subscribers = {counter = 0}, put_addr =
0xffffffff81166dc5, magic = 1147494724,
uid = 65534, gid = 65534, suid = 65534, sgid = 65534, euid = 65534,
egid = 65534, fsuid = 65534, fsgid = 65534,
securebits = 0, cap_inheritable = {cap = {0, 0}}, cap_permitted =
{cap = {0, 0}}, cap_effective = {cap = {0, 0}},
cap_bset = {cap = {4294967295, 4294967295}}, jit_keyring = 0 '\000',
thread_keyring = 0x0, request_key_auth = 0x0,
tgcred = 0xffff88011492b088, security = 0xffff8801113069c0, user =
0xffff880121c4b000, user_ns = 0xffffffff82a21a80,
group_info = 0xffff880104cec420, rcu = {next = 0x0, func =
0xffffffff810b6c97 <put_cred_rcu>}}

(gdb) p (char[4])cred->magic
$8 = "DaeD"

--
Robert Święcki


2011-05-30 14:19:13

by Robert Święcki

[permalink] [raw]
Subject: Re: Invalid credentials ( __validate_creds()) due to cred->magic == "DeaD" from sys_clone() (2.6.39 PREEMPT SMP SELinux kernel)

On Mon, May 30, 2011 at 2:55 PM, Robert Święcki <[email protected]> wrote:
> Just some initial data:
>
>
> =====================================================================
> KDB
> =====================================================================
>
> <3>[49754.391126] CRED: Invalid credentials
> <3>[49754.394811] CRED: At include/linux/cred.h:260
> <3>[49754.399181] CRED: Specified credentials: ffff8801156c8b00
> <3>[49754.404676] CRED: ->magic=44656144, put_addr=ffffffff81166dc5
> <3>[49754.410430] CRED: ->usage=0, subscr=0
> <3>[49754.414102] CRED: ->*uid = { 65534,65534,65534,65534 }
> <3>[49754.419250] CRED: ->*gid = { 65534,65534,65534,65534 }
> <3>[49754.424397] CRED: ->security is ffff8801113069c0
> <3>[49754.429021] CRED: ->security {1, 1}
>
> [1]kdb> bt
> Stack traceback for pid 16009
> 0xffff880115819770    16009     8897  1    1   R  0xffff880115819bf0 *iknowthis2
> <c> ffff88012bc43e00<c> 0000000000000000<c> ffff880100000104<c>
> ffffffff8267436f<c>
> <c> ffffffff81b611cd<c> ffff8801156c8b00<c> ffff88012bc43e40<c>
> ffffffff81166d8e<c>
> <c> ffff8801156c8b00<c> ffff880121e13540<c> ffff88012bc43e60<c>
> ffffffff81166db3<c>
> Call Trace:
>  <IRQ>  [<ffffffff81b611cd>] ? wq_free_rcu+0x12/0x14
>  [<ffffffff81166d8e>] ? __validate_creds.clone.9+0x2d/0x32
>  [<ffffffff81166db3>] ? file_free_rcu+0x20/0x46
>  [<ffffffff810eeb82>] ? __rcu_process_callbacks+0x18d/0x2af
>  [<ffffffff810eed24>] ? rcu_process_callbacks+0x80/0x87
>  [<ffffffff8109c013>] ? __do_softirq+0xeb/0x1cc
>  [<ffffffff81044977>] ? native_sched_clock+0x35/0x37
>  [<ffffffff810b67dd>] ? sched_clock_local+0x12/0x75
>  [<ffffffff81edbd9c>] ? call_softirq+0x1c/0x30
>  [<ffffffff81040510>] ? do_softirq+0x4b/0x9f
>  [<ffffffff8109c380>] ? irq_exit+0x5f/0xb6
>  [<ffffffff81edc6d1>] ? smp_apic_timer_interrupt+0x7d/0x8b
>  [<ffffffff81edb553>] ? apic_timer_interrupt+0x13/0x20
>  <EOI>  [<ffffffff81093f75>] ? dup_mm+0x1f2/0x468
>  [<ffffffff81151cdb>] ? arch_local_irq_restore+0x6/0xd
>  [<ffffffff81154ceb>] ? __slab_alloc.clone.36+0xf0/0x38b
>  [<ffffffff81093f75>] ? dup_mm+0x1f2/0x468
>  [<ffffffff81155143>] ? kmem_cache_alloc+0x4a/0xe7
>  [<ffffffff8135b0ce>] ? selinux_vm_enough_memory+0x48/0x4d
>  [<ffffffff81093f75>] ? dup_mm+0x1f2/0x468
>  [<ffffffff81094c56>] ? copy_process+0xa3e/0x1230
>  [<ffffffff81095592>] ? do_fork+0x10f/0x29d
>  [<ffffffff813d8dba>] ? trace_hardirqs_off_thunk+0x3a/0x6c
>  [<ffffffff8107e5b9>] ? sys32_clone+0x26/0x28
>  [<ffffffff81edc585>] ? ia32_ptregs_common+0x25/0x4b
>
> kdb>   summary
>
> sysname    Linux
> release    2.6.39
> version    #3 SMP PREEMPT Fri May 27 15:27:03 CEST 2011
> machine    x86_64
> nodename   ise-test
> domainname (none)
> ccversion  CCVERSION
> date       2011-05-28 03:20:03 tz_minuteswest -120
> uptime     13:49
> load avg   19.38 20.17 22.96
>
> MemTotal:         993059 kB
> MemFree:          458493 kB
> Buffers:           23981 kB
>
>
> =====================================================================
> KGDB
> =====================================================================
>
> (gdb) bt
> #0  __invalid_creds (cred=0xffff8801156c8b00, file=<value optimized
> out>, line=<value optimized out>)
>    at kernel/cred.c:812
> #1  0xffffffff81166d8e in __validate_creds (cred=0xffff8801156c8b00, line=260,
>    file=0xffffffff8267436f "include/linux/cred.h") at include/linux/cred.h:186
> #2  0xffffffff81166db3 in put_cred (head=<value optimized out>) at
> include/linux/cred.h:260
> #3  file_free_rcu (head=<value optimized out>) at fs/file_table.c:49
> #4  0xffffffff810eeb82 in rcu_do_batch (rsp=0xffffffff82a2f500,
> rdp=0xffff88012bc502f0) at kernel/rcutree.c:1146
> #5  __rcu_process_callbacks (rsp=0xffffffff82a2f500,
> rdp=0xffff88012bc502f0) at kernel/rcutree.c:1386
> #6  0xffffffff810eed24 in rcu_preempt_process_callbacks (unused=<value
> optimized out>) at kernel/rcutree_plugin.h:544
> #7  rcu_process_callbacks (unused=<value optimized out>) at
> kernel/rcutree.c:1404
> #8  0xffffffff8109c013 in __do_softirq () at kernel/softirq.c:238
> #9  0xffffffff81edbd9c in ?? () at arch/x86/kernel/entry_64.S:1210
> #10 0xffffffff81040510 in do_softirq () at arch/x86/kernel/irq_64.c:80
> #11 0xffffffff8109c380 in invoke_softirq () at kernel/softirq.c:325
> #12 irq_exit () at kernel/softirq.c:340
> #13 0xffffffff81edc6d1 in smp_apic_timer_interrupt (regs=<value
> optimized out>) at arch/x86/kernel/apic/apic.c:861
> #14 <signal handler called>
> #15 0x00cf9b000000ffff in __brk_reservation_fn_dmi_alloc__ ()
> Cannot access memory at address 0xcffb000000ffff
>struct socket
> Cannot access memory at address 0xcffb000000ffff
> (gdb) up
> #1  0xffffffff81166d8e in __validate_creds (cred=0xffff8801156c8b00, line=260,
>    file=0xffffffff8267436f "include/linux/cred.h") at include/linux/cred.h:186
> 186                     __invalid_creds(cred, file, line);
> (gdb) p *cred
> $1 = {usage = {counter = 0}, subscribers = {counter = 0}, put_addr =
> 0xffffffff81166dc5, magic = 1147494724,
>  uid = 65534, gid = 65534, suid = 65534, sgid = 65534, euid = 65534,
> egid = 65534, fsuid = 65534, fsgid = 65534,
>  securebits = 0, cap_inheritable = {cap = {0, 0}}, cap_permitted =
> {cap = {0, 0}}, cap_effective = {cap = {0, 0}},
>  cap_bset = {cap = {4294967295, 4294967295}}, jit_keyring = 0 '\000',
> thread_keyring = 0x0, request_key_auth = 0x0,
>  tgcred = 0xffff88011492b088, security = 0xffff8801113069c0, user =
> 0xffff880121c4b000, user_ns = 0xffffffff82a21a80,
>  group_info = 0xffff880104cec420, rcu = {next = 0x0, func =
> 0xffffffff810b6c97 <put_cred_rcu>}}
>
> (gdb) p (char[4])cred->magic
> $8 = "DaeD"

And some data on the file which is being 'freed'; it seems it's a socket.

(gdb) up
#1 0xffffffff81166d8e in __validate_creds (cred=0xffff8801156c8b00,
line=260, file=0xffffffff8267436f "include/linux/cred.h") at
include/linux/cred.h:186
186 __invalid_creds(cred, file, line);
(gdb) up
#2 0xffffffff81166db3 in put_cred (head=<value optimized out>) at
include/linux/cred.h:260
260 validate_creds(cred);
(gdb) up
#3 file_free_rcu (head=<value optimized out>) at fs/file_table.c:49
49 put_cred(f->f_cred);

(gdb) p f->f_op
$39 = (const struct file_operations *) 0xffffffff823ae960

(gdb) p &socket_file_ops
$41 = (const struct file_operations *) 0xffffffff823ae960

gdb) p *((struct sock*)f->private_data)
$57 = {__sk_common = {skc_daddr = 1, skc_rcv_saddr = 1515847688,
{skc_hash = 0, skc_u16hashes = {0, 0}}, skc_family = 0, skc_state = 0
'\000', skc_reuse = 0 '\000', skc_bound_dev_if = 307253656,
{skc_bind_node = {next = 0x0,
pprev = 0xffff88012102f398}, skc_portaddr_node = {next = 0x0,
pprev = 0xffff88012102f398}}, skc_prot = 0x0, skc_net =
0xfffe0000c487, skc_dontcopy_begin = 0xffff88012457ed00, {skc_node =
{next = 0xfffe,
pprev = 0xffffffff82f04080}, skc_nulls_node = {next = 0xfffe,
pprev = 0xffffffff82f04080}}, skc_tx_queue_mapping = 612925440,
skc_refcnt = {counter = -30719}, skc_dontcopy_end =
0xffff88012457ed00}, sk_lock = {slock = {{
rlock = {raw_lock = {slock = 2056}}}}, owned = 0, wq = {lock =
{{rlock = {raw_lock = {slock = 1}}}}, task_list = {next =
0xffff88012457ed60, prev = 0xffff88012457ed60}}}, sk_receive_queue =
{next = 0x0, prev = 0x60, qlen = 0,
lock = {{rlock = {raw_lock = {slock = 0}}}}}, sk_backlog =
{rmem_alloc = {counter = 0}, len = 0, head = 0x0, tail =
0xffff88012457ed98}, sk_forward_alloc = 609742232, sk_rxhash =
4294936577, sk_drops = {counter = 609742248},
sk_rcvbuf = -30719, sk_filter = 0xffff88012457eda8, sk_wq =
0xffff88012457edb8, sk_async_wait_queue = {next = 0xffff88012457edb8,
prev = 0xffff88012457edc8, qlen = 609742280, lock = {{rlock =
{raw_lock = {slock = 4294936577}}}}},
sk_policy = {0x1664fe2, 0x100000000}, sk_flags = 51539607552,
sk_dst_cache = 0x0, sk_dst_lock = {{rlock = {raw_lock = {slock =
0}}}}, sk_wmem_alloc = {counter = 0}, sk_omem_alloc = {counter = 0},
sk_sndbuf = 0, sk_write_queue = {
next = 0x0, prev = 0x0, qlen = 0, lock = {{rlock = {raw_lock =
{slock = 0}}}}}, sk_shutdown = 3, sk_no_check = 3, sk_userlocks = 13,
sk_protocol = 105, sk_type = 19936, sk_wmem_queued = 0, sk_allocation
= 705782433,
sk_route_caps = 0, sk_route_nocaps = 0, sk_gso_type = 0,
sk_gso_max_size = 0, sk_rcvlowat = 0, sk_lingertime = 0,
sk_error_queue = {next = 0x0, prev = 0xffff88012457ee50, qlen =
609742416, lock = {{rlock = {raw_lock = {
slock = 4294936577}}}}}, sk_prot_creator =
0xffffffff823ae960, sk_callback_lock = {raw_lock = {lock = 0}}, sk_err
= 0, sk_err_soft = 609742456, sk_ack_backlog = 34817,
sk_max_ack_backlog = 65535, sk_priority = 609742128,
sk_peer_pid = 0x2000000000, sk_peer_cred = 0x0, sk_rcvtimeo = 0,
sk_sndtimeo = 0, sk_protinfo = 0x10001, sk_timer = {entry = {next =
0xffff88012457eea8, prev = 0xffff88012457eea8}, expires = 0, base =
0x0, function = 0,
data = 18446744071595768816, slack = 131290, start_pid = 0,
start_site = 0xffffffff82a34a20, start_comm =
"\000\000\000\000\000\000\000\000\360\356W$\001\210\377\377"},
sk_stamp = {tv64 = -131936490623248}, sk_socket = 0x0,
sk_user_data = 0x1, sk_sndmsg_page = 0xffff88012457ef10,
sk_send_head = 0xffff88012457ef10, sk_sndmsg_off = 0, sk_write_pending
= 0, sk_security = 0x0, sk_mark = 0, sk_classid = 0, sk_state_change =
0xffff88012457ef38,
sk_data_ready = 0xffff88012457ef38, sk_write_space = 0,
sk_error_report = 0, sk_backlog_rcv = 0, sk_destruct =
0xffffffff00000000}

--
Robert Święcki

2011-06-07 14:27:00

by Robert Święcki

[permalink] [raw]
Subject: Re: Invalid credentials ( __validate_creds()) due to cred->magic == "DeaD" from sys_clone() (2.6.39 PREEMPT SMP SELinux kernel)

Another BUG(), a quite obvious use-after-free - still trying to create
a reproductible testcase.


=== KDB ===
Stack traceback for pid 28120
0xffff8800cba32ee0 28120 15501 1 1 R 0xffff8800cba33360 *iknowthis
<c> ffff8800cba3dea8<c> 0000000000000018<c> ffffffff810b6f16<c>
ffff880000000104<c>
<c> ffffffff8267436f<c> ffff88010367bf00<c> ffff88010367bf00<c>
ffff8800cba3def8<c>
<c> ffffffff810b6f48<c> ffff880000000104<c> ffffffff8267436f<c>
ffff8800cba3def8<c>
Call Trace:
[<ffffffff810b6f16>] ? __invalid_creds+0x53/0x55
[<ffffffff810b6f48>] ? __validate_creds+0x30/0x37
[<ffffffff810b6fa2>] ? put_cred+0x22/0x3a
[<ffffffff810b7463>] ? commit_creds+0x1d3/0x1de
[<ffffffff810a8ea4>] ? sys_setgid+0x75/0x8d
[<ffffffff81edab82>] ? system_call_fastpath+0x16/0x1b

[1]kdb> summary
sysname Linux
release 2.6.39
version #3 SMP PREEMPT Fri May 27 15:27:03 CEST 2011
machine x86_64
nodename ise-test
domainname (none)
ccversion CCVERSION
date 2011-06-07 01:56:05 tz_minuteswest -120
uptime 13:11
load avg 14.40 14.63 16.68

MemTotal: 993059 kB
MemFree: 485955 kB
Buffers: 20849 kB

DMESG:
<3>[47480.305640] CRED: Invalid credentials
<3>[47480.315628] CRED: At include/linux/cred.h:260
<3>[47480.320595] CRED: Specified credentials: ffff88010367bf00
<3>[47480.326668] CRED: ->magic=6b6b6b6b, put_addr=6b6b6b6b6b6b6b6b
<3>[47480.333593] CRED: ->usage=1802201963, subscr=1802201963
<3>[47480.339812] CRED: ->*uid = { 1802201963,1802201963,1802201963,1802201963 }
<3>[47480.347490] CRED: ->*gid = { 1802201963,1802201963,1802201963,1802201963 }
<3>[47480.354947] CRED: ->security is 6b6b6b6b6b6b6b6b

=== KGDB ===
(gdb) bt
#0 __invalid_creds (cred=0xffff88010367bf00, file=<value optimized
out>, line=<value optimized out>)
at kernel/cred.c:812
#1 0xffffffff810b6f48 in __validate_creds (cred=0xffff88010367bf00,
file=<value optimized out>,
line=<value optimized out>) at include/linux/cred.h:186
#2 0xffffffff810b6fa2 in put_cred (_cred=<value optimized out>) at
include/linux/cred.h:260
#3 0xffffffff810b7463 in commit_creds (new=0xffff88011aeda200) at
kernel/cred.c:540
#4 0xffffffff810a8ea4 in sys_setgid (gid=65534) at kernel/sys.c:577
#5 <signal handler called>
#6 0x00007ff2b4b78649 in __brk_reservation_fn_dmi_alloc__ ()
#7 0xffff880118cd1770 in __brk_reservation_fn_dmi_alloc__ ()
#8 0xffffffff82a1bed0 in ?? ()
#9 0x0000000200020000 in __brk_reservation_fn_dmi_alloc__ ()
#10 0x0000000300000000 in __brk_reservation_fn_dmi_alloc__ ()
#11 0x00007ffffffff000 in __brk_reservation_fn_dmi_alloc__ ()
#12 0xffffffff810a7406 in sys_restart_syscall () at kernel/signal.c:2085
#13 0x0000000000000000 in ?? ()

[4 frames up]

#4 0xffffffff810a8ea4 in sys_setgid (gid=65534) at kernel/sys.c:577
577 return commit_creds(new);

(gdb) p *old
$1 = {usage = {counter = 1802201963}, subscribers = {counter =
1802201963}, put_addr = 0x6b6b6b6b6b6b6b6b,
magic = 1802201963, uid = 1802201963, gid = 1802201963, suid =
1802201963, sgid = 1802201963, euid = 1802201963,
egid = 1802201963, fsuid = 1802201963, fsgid = 1802201963,
securebits = 1802201963, cap_inheritable = {cap = {
1802201963, 1802201963}}, cap_permitted = {cap = {1802201963,
1802201963}}, cap_effective = {cap = {1802201963,
1802201963}}, cap_bset = {cap = {1802201963, 1802201963}},
jit_keyring = 107 'k',
thread_keyring = 0x6b6b6b6b6b6b6b6b, request_key_auth =
0x6b6b6b6b6b6b6b6b, tgcred = 0x6b6b6b6b6b6b6b6b,
security = 0x6b6b6b6b6b6b6b6b, user = 0x6b6b6b6b6b6b6b6b, user_ns =
0x6b6b6b6b6b6b6b6b,
group_info = 0x6b6b6b6b6b6b6b6b, rcu = {next = 0x6b6b6b6b6b6b6b6b,
func = 0xa56b6b6b6b6b6b6b}}


(gdb) p *new
$2 = {usage = {counter = 2}, subscribers = {counter = 2}, put_addr =
0x0, magic = 1131636068, uid = 65534,
gid = 65534, suid = 65534, sgid = 65534, euid = 65534, egid = 65534,
fsuid = 65534, fsgid = 65534, securebits = 0,
cap_inheritable = {cap = {0, 0}}, cap_permitted = {cap = {0, 0}},
cap_effective = {cap = {0, 0}}, cap_bset = {cap = {
4294967295, 4294967295}}, jit_keyring = 0 '\000', thread_keyring
= 0x0, request_key_auth = 0x0,
tgcred = 0xffff880101adce58, security = 0xffff8801146fb340, user =
0xffff88011fcc7240, user_ns = 0xffffffff82a21a80,
group_info = 0xffff8800cb9fa000, rcu = {next = 0x0, func = 0}}


--
Robert Święcki