Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755608AbdC3Goa (ORCPT ); Thu, 30 Mar 2017 02:44:30 -0400 Received: from mail-he1eur01on0122.outbound.protection.outlook.com ([104.47.0.122]:18777 "EHLO EUR01-HE1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1754885AbdC3Go2 (ORCPT ); Thu, 30 Mar 2017 02:44:28 -0400 Authentication-Results: codemonkey.org.uk; dkim=none (message not signed) header.d=none;codemonkey.org.uk; dmarc=none action=none header.from=nokia.com; To: , CC: Kees Cook , Laura Abbott , Ingo Molnar , Josh Poimboeuf , Mark Rutland , Eric Biggers , From: Tommi Rantala Subject: sudo x86info -a => kernel BUG at mm/usercopy.c:78! Message-ID: Date: Thu, 30 Mar 2017 09:44:20 +0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8"; format=flowed Content-Transfer-Encoding: 7bit X-Originating-IP: [131.228.2.26] X-ClientProxiedBy: DB6PR0202CA0029.eurprd02.prod.outlook.com (10.171.70.15) To DB6PR0701MB2360.eurprd07.prod.outlook.com (10.168.75.14) X-MS-Office365-Filtering-Correlation-Id: 3c6e75ca-b9c8-4f85-4656-08d47738347d X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001)(48565401081)(201703131423075)(201703031133081);SRVR:DB6PR0701MB2360; X-Microsoft-Exchange-Diagnostics: 1;DB6PR0701MB2360;3:qXUQbzZaLcUzsgcBToldiKHyASmCFnWbru/izILjEq6ohD42B6mSSFtWg8EBfUJ/l/eG0GI6YR/tcbgv4R+Ktsq/Zmhk0lRIgSR2Jnox2EzQ34Dp9LOIhDWdecObuHpPl48JvELTjIetW5r8s2pH7q9nmfPSj8w0Ifpc5bIk8JVgiHUw8MXbKKYar23F5iz8NVLypOe4sQ3nDrUatkVYM6YRw8FoCgKBMGJFdraU8aQ5Ip2NSUn8U4QXyVIEpfHpfe37nLU03xvgaHMfhRThXrGJcO7Cksf/NPwzJnHlqf73kqFnx7mHXWZyYH/hBLRbe33Hr0MVrsxJJUKD9cUg/pliG2V3uSTmk53ufvlcJKw=;25:VdVQmAy/J+ysABuDZNgmgF2UYt4V16kwsmVsSF0KH/jjBUh0nE7Ry/e3dYvg9tmSntxMvx2KYU6kEivB0v7IRyMP3hYYuZbESnGQ96qO94Bnxi6loqjJvoRl/6SxeGhj/c3DUlW/YOQ6T8wk3aRBQkgdOLNlfUXWF1qagJkK25qSCIR0ZF5NzDEdzLUm8UAhODZw/Wjx29o9XPc/ZIb8cyXpVU5kHX2vdkwPQ+iSPaPRf8f5sWsKbOcC+cHTANaTPsBAn4uEsOQKlppND4pyfWq0IUeguaaHIYodBshHd7/xfFvM7tNQ1L6U0ZLCEA9osm4Sp+Xyn9A0EMXrBG3i7N3jnC8D03gkLmvX2Pmi6nlo1BkUZp2sOfVnjuz8OV8D25HMgM3RkAWhD/psdVu1CnlBmOM3m0vKGqOFiuFwFuc3c85yClQnO1vW3VlmDQPx8sn0+Gn4I0nVKpJfXsAQWA== X-Microsoft-Exchange-Diagnostics: 1;DB6PR0701MB2360;31:AKmwhk6zqrf2JfOIUbFhfDwAYsMvf0lo0W4TilFEU6kl69x26xE48Tn2YaZWRv4qSlPJ5mso/IdbAKA2Q5N7ewQRFT4+dGA4xZTQn+1ox+AMTVbc+BeqfK3pImX1zn0ypOW77HHtHqrhEHnOW9xM7V2CivR/mmMpxmiIRohCTbwXCvBDyV6LqaldRmjmvT6zJRmvPXiwPws3fmlTPWHwAE+XbwizxWaKdDnwba7N3SX58nSMXBVQNclC5BxDyiOaAOq/2/uanzUmgVnldV4Ctw==;20:C9Ogkf5oX2Hy8b1Qeo8IqIsrLv9G8QmocfzuRJnjcZWYF+UgKAdAXCw4Nos9LgoBQnltJjJFnHQMjrenR/viQ90pNY3K6PFLugfX8tD5s8J0LAW7xnTaC+Tw3+AP+xU2+kfgFQSyBgyDrk+zPHEGuRBJ5AyWuVzfLPRkjyGu03IP7Aj2VB+wUHmDwzr/8pX3mYkx0Jb4vgGKLKXRg9MuZ4+XW9Ebhhm8YLiZ8BpuadF7SpmdfNXLnCcqLcdAlYNfL3Ab6SiPQPpeSnksSLVonSt4iOhZahOVE1SeYe0Rtm9kg5CDM6j1nkbgORqUERP/XxwKb0WV6GfPZ+YCzMiDTOv68T73pmKMh9kEd+MXdVjtuOTS6e4Vhs27RE4fGmIEP17zDnAHUQ8Kdf4A/sYsAlg2yBxsrUcVBfx3Y+/hiSsLHsxWBr41r0n+OicX1CIZtc2Nua6eVIyYxUoTtfyt6Ka+Pwb6OntJjnvcVrFRiRfexPuvZkB768YBzlWZiJO5fXVn5+8q1a25yttUDiGR0CzIv7cDBCH4Jg6Ys1oOrvP6aufZv9nvK11xWKatP3GvEGgInOpXGwEEhwTOwt0H5Jdg4URjRBSPLecTqKMmjJU= X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(192374486261705); X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(6040450)(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(6055026)(6041248)(20161123562025)(20161123555025)(20161123560025)(20161123564025)(201703131423075)(201702281528075)(201703061421075)(6072148);SRVR:DB6PR0701MB2360;BCL:0;PCL:0;RULEID:;SRVR:DB6PR0701MB2360; X-Microsoft-Exchange-Diagnostics: 1;DB6PR0701MB2360;4:4RfgVIQhKSCpu0NIANXywEtSiD1D8XbYKJHI23+hwyt4MbDlP+W6eLRrnJb1nCVadyd5IeLBItCslj3yr850ejyyXxfZPBz54wsJYBTnhfTJtskJjFv8gJyeQ2Eoe4uwUnqXNKkmGSo+r2XxkFDoADiGCEozwjqfbs39j4rGC5LPG7EH4Ke8c4nu8ojCGpcKIFBd0ADCPSqC2NJ7z5w5ZSdPZw34WJkKWCzH86mIV/GDcz7I/ojsupzqrCgrUfvRCoHaU3MRaw8EN9qkcm9IeYp1YwE8jOXnY1PunCZte5hZCEBNqLxwuxl2R+tOLRToBeMQGURl4AS/TD+v3XvU5TqqJdG2siYJ8jz4Lm5MPQGM1mBj4JbXmAXtAmCuB0tZbPTLSCoyHYI3of+AHZUMy+e2YiHtEm5d59f/ST1rGnf2G/Q6amXcbnp8rq9lZ4eaxNIId9+eSkijkmBel+CzWIjqxJLzEs0iomtAniFV3JRlRzjU7lkZp5bVYnbEQ6hRnt8+A5bCjUM4lmWEKB9gdYkNdopGaBEt3C7VzOG/p+ezWaHz44Ehx/JBFEHnucSLKmmc3+SeS9aJrHMyseKOIcKbgrtsQvJavEZDgtlkvDYEaSWOtUX18hi9cXdAe0jnQxt/1VMa0TVybBPDvgQVihO4fc8aI6c4a/1o16UghS54kt7G+l/vunVtI5fCYcsCVc6kqDXqlX0r9igAdHcpt2GyUEYb43r35GQ6pfIzB7Y= X-Forefront-PRVS: 02622CEF0A X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10019020)(4630300001)(6049001)(6009001)(39400400002)(39860400002)(39850400002)(39840400002)(39410400002)(39450400003)(36756003)(33646002)(305945005)(3846002)(7736002)(6116002)(6666003)(77096006)(230700001)(189998001)(4001350100001)(66066001)(65956001)(50466002)(23676002)(5660300001)(4326008)(31696002)(47776003)(575784001)(86362001)(31686004)(42186005)(54906002)(50986999)(2906002)(6306002)(6486002)(8676002)(25786009)(81166006)(38730400002)(53936002)(226693001)(54356999)(2101003);DIR:OUT;SFP:1102;SCL:1;SRVR:DB6PR0701MB2360;H:[10.144.182.168];FPR:;SPF:None;MLV:sfv;LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtEQjZQUjA3MDFNQjIzNjA7MjM6SGVtM2t1dXJMTjI2RWVRSm1YNHZyNlBR?= =?utf-8?B?YTNtdndmaEVvWlFaUG1RQTVGV3J0R2gyNjUxUFlpQXg5UEVpVVUxdXpwc0Zq?= =?utf-8?B?VUFHYncyNmpzSWxqeEtBMEQwMlB2d05EaDJrWFM1enlKOWxtM05ZZVEzY3hV?= =?utf-8?B?Q2hrSGlEQ3oyYkYxK0lleUtEQy9xQmEzS0wvb01BOGI1cFhKQ1V1R1FvNGFD?= =?utf-8?B?dXZ2UGkyemV4WXFTWDViakcydmxUMEo5M2VDaUhhWE1Gb2xpVE1vLzJIRmxZ?= =?utf-8?B?VCsyWlN6ZW92aFNDcHNpZjRWaFJReU1hazZUdVE3dzZZdHNPb0Q3bG5DSmhI?= =?utf-8?B?aGoyOG9PdGN6VUxnSldMQjdWVkdRbE9Tcjk2ZklLcXI5NU0yRjUrVmlJSm1p?= =?utf-8?B?eDJXOUczUFlkVnBLL3Z2WDc1cjhSaktwNDVkME9Pd25sNStpZjdzZFg5ZEp1?= =?utf-8?B?UmpHdTVyNUxKRTM2djZESnUwRGQwdklURmxRUkJvdGMrOERqSkFBL3BTNjV0?= =?utf-8?B?VzdITENiRlk3dk1iKzJkQlJXaXFmbkpIUjdOcjZiVGZVOS82dXA3bjNvSXg4?= =?utf-8?B?Uk1SWWNmVWdLL3p3cVVuK0RNT3BWVjcxM0VqVjdQTW15elBnazFGOUxjQmFZ?= =?utf-8?B?M3A0N3pmMUJtM3NmSFhpTE1DMEZJSndrUG9OQmc0V1ZwTmp0U2p2WUJRYjUy?= =?utf-8?B?dTJhZ1VHeDNuTHJnZmxYQVpnNkpXWG1WZXNLZys3ZSs1SGV3NkJmbkZLWk1O?= =?utf-8?B?UjQ2TUZvSGx3a1JsTGRtcUZtdjIyTHIyTjNoMzZVeEVUWVE1eTRYaEthTWdu?= =?utf-8?B?eDdKYkVUa2xqeDJQckIxcTBYNTVKbW8vRk5jVkZKNFZQOUVxdXpwUlVJWTRO?= =?utf-8?B?cm8wOFN3NVk0QnRzeWdRQXlSMmZ0Tlo4d3RSSko2NjZVWjFXWWRHNnQwMk5n?= =?utf-8?B?RWRFdWlQY21BN2MxZDdZdWdqRHdMTEJWWkhOcUFOdGFwVGxXSngyR3JrNFEz?= =?utf-8?B?RWxOWklFdytyNE40THROQjB0ZVpPNVNYSTA5TmppaHkxZGVTUDQwNmRNMW1h?= =?utf-8?B?dmxOVUR4T1YxTWtoZmxSNXFvV3BlRW9sVWtZL1EzM2lkWW5HQ1VHN3Jka0pI?= =?utf-8?B?TmRvTHdNNzlQb2J2b3VLSkFKMFRWdWlvanZpT0VocUFDeUdIS2M0TVdMY3dh?= =?utf-8?B?ejRYOEU0OGh6dlY5dWYwYWZiSS8rV05iQXhwZmQyTjVmSHRJWC9IbENxY28x?= =?utf-8?B?YjRSUDh2SjNHSmhqMHdlNkl1Yktma3BsR0xmWWQ1QmpDN0w0anBCNmZoMDQr?= =?utf-8?B?OVpvY21kTFVrN01JNTZaU3RxbzM0cjB1SUdMbHFaM0VwUkw5L2FmdzU4VnNz?= =?utf-8?B?UzlrcGxadjBhbUJqTzFCS3BQYTVXSjFnaU5SUTNlcHV2Ym1ZUVRYUXVqdnlJ?= =?utf-8?B?NjBZN3RvS0ZjU3ZJZUFYanRpZE0xbkFhd2VTOUpncFBTdWUyRDRzeDVjSHU5?= =?utf-8?B?ZDdqQ1kyQkxDck40dXhTWThFSDFaMU9tNzJIa21tdk41c3RlU3pFbzltUG9M?= =?utf-8?Q?gIV?= X-Microsoft-Exchange-Diagnostics: 1;DB6PR0701MB2360;6:f2TDfx5n+I1VyHTGb1RlsHaSdyOgYTKrrVvRF0IhOBVvXqzfFuvejz5gVdcIvIPJ/Q5meMhZzHOtYkkoLm8xEY/uUhQLXBxV/GQyA2GAbZ1NEu2snVanFOqaZu4wuBp+U2R32x9CX8ncxZMPwwXHMVrbMPKGBhWB1rZRsFgi7o9TqxPr7T0BWAKG1BVU6za3se2sCYsrPRb5d9blCrRGzHzhTSfOvKMUi+Pb3BpghGKVx/D08N0w37cgsfdQseYiqwZXs+VhNMpt5Binf7fh0I8JwCQPvGmWW9AybA8jPN2NRnVRZQIUU3wT73KGdCrLoqZKk67hZK7Lpto0HbgVJBV8Bu1Y+caYMQybLUaXsi8Hxvy7loWqwt391+07otLGo9GMBGXsSukkGGSyEt5PBNZTsoTFu5ItPfre3E34eIg=;5:EGVo9sdwExEpct7wfQDd5sRHwLJhisMnEZztAe4TlCN+nTj4QWrkrFoX1aDWDiYHekGfvPSNWLhKAPF9xudO/UE4vRXJGFv1AWOPIVMz7b9S3Gb0KUPdFq2WtYBOzhzVU+3fyOWmJ9hK05QHskuKHg==;24:FXTzMsofVImvFGn7bc9vo8WvM4K8v3J7l0vbaN6FZTY2pcSGPO3XZBQgzEB0P5ea7qhM43BnBdh4biGQdPBrvOIGad2zci0+EsZZCh48cy4= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;DB6PR0701MB2360;7:3shaEQfKlqQCqKqjusr80o3xYVCe02atqiUJjQQZNMUqW2X0IGFelbhGOYpVdv4lCrJ9DgeAg0a9ZgpCrxwUikxjdpxmoRRTJJuJN4GjWoWSMLz0Wkis/5eg/Q3WTH/CFkd862q25GVn08NQUmzKzbOgBtcgftMIaoVbUVrFloy4t+eXbkBHgnq4uzezWAfn2TNQj8Nwk5VxGOG+fsSBSt/zpHsEI/M0UkqHPEu8i6Bp8R5CQNF/19iNXWKrJAlVw34DjuJWnUogJHOY9jU7UWSCwFGWUNS7J1WOAKQgEd1jeBitmdgdynM5WGxvbsqIodYE+AujYhjZRI2ysVOsGw== X-OriginatorOrg: nokia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Mar 2017 06:44:24.2686 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6PR0701MB2360 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 4093 Lines: 90 Hi, Running: $ sudo x86info -a On this HP ZBook 15 G3 laptop kills the x86info process with segfault and produces the following kernel BUG. $ git describe v4.11-rc4-40-gfe82203 It is also reproducible with the fedora kernel: 4.9.14-200.fc25.x86_64 Full dmesg output here: https://pastebin.com/raw/Kur2mpZq [ 51.418954] usercopy: kernel memory exposure attempt detected from ffff880000090000 (dma-kmalloc-256) (4096 bytes) [ 51.418959] ------------[ cut here ]------------ [ 51.418968] kernel BUG at /home/tomranta/git/linux/mm/usercopy.c:78! [ 51.418970] invalid opcode: 0000 [#1] SMP [ 51.418972] Modules linked in: fuse ccm ipt_REJECT nf_reject_ipv4 xt_tcpudp tun af_packet xt_conntrack nf_conntrack libcrc32c ebtable_nat ebtable_broute bridge ip6table_mangle ip6table_raw iptable_mangle iptable_raw ebtable_filter ebtables ip6table_filter ip6_tables iptable_filter ip_tables x_tables nls_iso8859_1 nls_cp437 vfat fat dm_mirror dm_region_hash dm_log arc4 hp_wmi sparse_keymap coretemp kvm_intel snd_hda_codec_hdmi kvm irqbypass pcbc aesni_intel aes_x86_64 crypto_simd cryptd glue_helper intel_cstate intel_uncore intel_rapl_perf iwlmvm mac80211 snd_usb_audio mousedev snd_usbmidi_lib snd_rawmidi input_leds snd_hda_codec_conexant snd_hda_codec_generic efivars iwlwifi uvcvideo videobuf2_vmalloc videobuf2_memops snd_hda_intel videobuf2_v4l2 cfg80211 videobuf2_core snd_hda_codec snd_seq snd_hwdep [ 51.419010] snd_seq_device snd_hda_core snd_pcm thermal hp_accel lis3lv02d input_polldev ac acpi_pad battery led_class evdev hp_wireless nfsd lockd grace sunrpc tg3 libphy crc32_pclmul crc32c_intel e1000e sd_mod 8021q garp stp llc mrp unix autofs4 [ 51.419025] CPU: 7 PID: 2406 Comm: x86info Not tainted 4.11.0-rc4-tommi+ #14 [ 51.419027] Hardware name: HP HP ZBook 15 G3/80D5, BIOS N81 Ver. 01.12 11/01/2016 [ 51.419030] task: ffff88026ce84100 task.stack: ffffc90003b94000 [ 51.419035] RIP: 0010:__check_object_size+0xfd/0x195 [ 51.419037] RSP: 0018:ffffc90003b97de0 EFLAGS: 00010282 [ 51.419039] RAX: 0000000000000066 RBX: ffff880000090000 RCX: 0000000000000000 [ 51.419042] RDX: ffff8802bddd33e8 RSI: ffff8802bddcc9e8 RDI: ffff8802bddcc9e8 [ 51.419044] RBP: ffffc90003b97e00 R08: 000000000006648a R09: 000000000000048b [ 51.419046] R10: 0000000000000100 R11: ffffffff81e9a86d R12: 0000000000001000 [ 51.419049] R13: 0000000000000001 R14: ffff880000091000 R15: ffff880000090000 [ 51.419051] FS: 00007f8323436b40(0000) GS:ffff8802bddc0000(0000) knlGS:0000000000000000 [ 51.419054] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 51.419056] CR2: 00007ffcbec21000 CR3: 000000026c8e8000 CR4: 00000000003406a0 [ 51.419058] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 51.419061] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 51.419063] Call Trace: [ 51.419066] read_mem+0x70/0x120 [ 51.419069] __vfs_read+0x28/0x130 [ 51.419072] ? security_file_permission+0x9b/0xb0 [ 51.419075] ? rw_verify_area+0x4e/0xb0 [ 51.419077] vfs_read+0x96/0x130 [ 51.419079] SyS_read+0x46/0xb0 [ 51.419082] ? SyS_lseek+0x87/0xb0 [ 51.419085] entry_SYSCALL_64_fastpath+0x1a/0xa9 [ 51.419087] RIP: 0033:0x7f8322d56bd0 [ 51.419089] RSP: 002b:00007ffcbec11c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 51.419091] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f8322d56bd0 [ 51.419094] RDX: 0000000000010000 RSI: 00007ffcbec11ca0 RDI: 0000000000000003 [ 51.419096] RBP: 0000000000000008 R08: 0000000000000005 R09: 0000000000000050 [ 51.419098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000002231c00 [ 51.419100] R13: 00007ffcbec11c9e R14: 00007ffcbec51cf8 R15: 0000000000000000 [ 51.419103] Code: a8 81 48 c7 c2 29 69 a4 81 48 c7 c6 82 89 a5 81 48 0f 45 d0 48 c7 c0 1a 1e a6 81 48 c7 c7 d0 ed a5 81 48 0f 45 f0 e8 7f 74 f8 ff <0f> 0b 48 89 df e8 29 98 e8 ff 84 c0 0f 84 3a ff ff ff b8 00 00 [ 51.419123] RIP: __check_object_size+0xfd/0x195 RSP: ffffc90003b97de0 [ 51.421565] ---[ end trace 441f7992ca25e39d ]---