Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1753225AbeADOGw (ORCPT <rfc822;ralf@linux-mips.org> + 1 other);
        Thu, 4 Jan 2018 09:06:52 -0500
Received: from mail.linuxfoundation.org ([140.211.169.12]:49904 "EHLO
        mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1753049AbeADOGv (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 4 Jan 2018 09:06:51 -0500
Date: Thu, 4 Jan 2018 15:06:27 +0100
From: Greg KH <gregkh@linuxfoundation.org>
To: syzbot <syzbot+fa2d5f63ee5904a0115a@syzkaller.appspotmail.com>
Cc: arve@android.com, devel@driverdev.osuosl.org, labbott@redhat.com,
        linux-kernel@vger.kernel.org, maco@android.com,
        sumit.semwal@linaro.org, syzkaller-bugs@googlegroups.com,
        tkjos@android.com
Subject: Re: WARNING in ion_ioctl
Message-ID: <20180104140627.GB17490@kroah.com>
References: <f403043cd4eccf5d8b0561f3b42f@google.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <f403043cd4eccf5d8b0561f3b42f@google.com>
User-Agent: Mutt/1.9.2 (2017-12-15)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>

On Thu, Jan 04, 2018 at 05:57:01AM -0800, syzbot wrote:
> Hello,
> 
> syzkaller hit the following crash on
> 71ee203389f7cb1c1927eab22b95baa01405791c
> git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/master
> compiler: gcc (GCC) 7.1.1 20170620
> .config is attached
> Raw console output is attached.
> C reproducer is attached
> syzkaller reproducer is attached. See https://goo.gl/kgGztJ
> for information about syzkaller reproducers
> 
> 
> IMPORTANT: if you fix the bug, please add the following tag to the commit:
> Reported-by: syzbot+fa2d5f63ee5904a0115a@syzkaller.appspotmail.com
> It will help syzbot understand when the bug is fixed. See footer for
> details.
> If you forward the report, please keep this part and the footer.
> 
> audit: type=1400 audit(1514734723.062:7): avc:  denied  { map } for
> pid=3502 comm="syzkaller809746" path="/root/syzkaller809746698" dev="sda1"
> ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023
> tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
> WARNING: CPU: 0 PID: 3502 at drivers/staging/android/ion/ion-ioctl.c:73
> ion_ioctl+0x2db/0x380 drivers/staging/android/ion/ion-ioctl.c:73
> Kernel panic - not syncing: panic_on_warn set ...

This is to be expected when you pass in a crappy ion ioctl structure.

So don't do that :)

Yeah, it's a harsh warning, but I think the userspace developers like it
to ensure they got their implementation correct.

After the warning is thrown, all keeps working just fine.

thanks,

greg k-h