2012-10-18 16:14:32

by Linus Torvalds

Subject: Re: Kernel 3.7.0-rc1 crash after TrueCrypt mount device on a computer with Intel i5

Krzysztof, please try to cc the appropriate people/list.

I've added linux-crypto and the people who touched aesni-intel since
3.6, and am re-quoting the whole email (except for the continuation
oopses that won't be relevant).

It seems to crash on the very first instruction of _aesni_enc1, which is just a

movaps (KEYP), KEY

where on x86-32, KEYP is %edi and KEY is %xmm2.

In the oops register dump, %edi is 0xf169fe64, which looks like a
valid kernel pointer (depending on amount of memory), but it looks
like the problem is that it's not 16-byte aligned.

I dunno. None of the asm code seems to have changed since 3.6 afaik,
so some calling code change triggers this? Guys, ideas?

Linus

On Thu, Oct 18, 2012 at 8:53 AM, Krzysztof Kolasa <[email protected]> wrote:
> after mounting an encrypted device (volume, pendrive) the kernel crashes on an HP machine
> (mounting on AMILO Pro v3405 works properly), rs232 console output:
>
> [ 124.613648] general protection fault: 0000 [#1] SMP
> [ 124.672862] Modules linked in: dm_crypt fglrx(PO) bnep rfcomm bluetooth
> binfmt_misc snd_hda_codec_hdmi snd_hda_codec_idt snd_hda_ine
> [ 125.356439] Pid: 55, comm: kworker/0:1 Tainted: P O
> 3.7.0-rc1-winsoft-pae #1 Hewlett-Packard HP ProBook 6560b/1619
> [ 125.490351] EIP: 0060:[<f85bb2bc>] EFLAGS: 00010216 CPU: 0
> [ 125.555762] EIP is at _aesni_enc1+0x0/0x9c [aesni_intel]
> [ 125.619087] EAX: c1959000 EBX: 00000001 ECX: f001392c EDX: f06de000
> [ 125.693829] ESI: f169fdb4 EDI: f169fe64 EBP: f169fda4 ESP: f169fd30
> [ 125.768578] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
> [ 125.832951] CR0: 80050033 CR2: b7710000 CR3: 01963000 CR4: 000407f0
> [ 125.907694] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
> [ 125.982436] DR6: ffff0ff0 DR7: 00000400
> [ 126.028115] Process kworker/0:1 (pid: 55, ti=f169e000 task=f1679940
> task.ti=f169e000)
> [ 126.121547] Stack:
> [ 126.145429] f85bb2b4 00000008 f169fe34 f85703a9 f169fe64 c1959000
> f06de000 00000008
> [ 126.237894] 00000200 00000000 f06de000 f23b3bc0 f06de000 f23b3bc0
> f06de000 f00138f4
> [ 126.330358] 00000000 00000200 f001390c 00000000 00000200 00000000
> 00000000 f001392c
> [ 126.422804] Call Trace:
> [ 126.451881] [<f85bb2b4>] ? aesni_enc+0x1c/0x24 [aesni_intel]
> [ 126.520399] [<f85703a9>] ? init_tfm+0x129/0x250 [xts]
> [ 126.581652] [<f85bbd6e>] xts_decrypt+0x7e/0xc0 [aesni_intel]
> [ 126.650174] [<c15c5a95>] ? notifier_call_chain+0x45/0x60
> [ 126.714543] [<c107f61d>] ? update_curr+0x20d/0x380
> [ 126.772681] [<c1142f48>] ? __kmalloc+0xd8/0x1f0
> [ 126.827715] [<c11077f3>] ? mempool_kmalloc+0x13/0x20
> [ 126.887935] [<f85bb298>] ? aesni_set_key+0x1d8/0x1d8 [aesni_intel]
> [ 126.962681] [<f85bb960>] ? __aes_encrypt+0x30/0x30 [aesni_intel]
> [ 127.035353] [<f855e157>] ablk_decrypt+0x47/0xb0 [ablk_helper]
> [ 127.104912] [<f8ae1c9b>] crypt_convert+0x26b/0x2d0 [dm_crypt]
> [ 127.174468] [<f8ae23b0>] kcryptd_crypt+0x280/0x360 [dm_crypt]
> [ 127.244028] [<c10647a0>] process_one_work+0x110/0x380
> [ 127.305282] [<c15c97b3>] ? common_interrupt+0x33/0x38
> [ 127.366537] [<c10624a0>] ? wake_up_worker+0x30/0x30
> [ 127.425716] [<f8ae2130>] ? crypt_convert_init.isra.15+0x70/0x70
> [dm_crypt]
> [ 127.508768] [<c10651d9>] worker_thread+0x119/0x350
> [ 127.566910] [<c10650c0>] ? manage_workers+0x260/0x260
> [ 127.628164] [<c1069854>] kthread+0x94/0xa0
> [ 127.678001] [<c1070000>] ? blocking_notifier_chain_unregister+0x50/0xa0
> [ 127.757938] [<c15c91b7>] ret_from_kernel_thread+0x1b/0x28
> [ 127.823350] [<c10697c0>] ? flush_kthread_worker+0x90/0x90
> [ 127.888757] Code: 31 c0 5f c3 8d 76 00 57 53 8b 7c 24 0c 8b 44 24 10 8b
> 54 24 14 8b 9f e0 01 00 00 0f 10 02 e8 08 00 00 00 0f 11 004
> [ 128.113500] EIP: [<f85bb2bc>] _aesni_enc1+0x0/0x9c [aesni_intel] SS:ESP
> 0068:f169fd30
> [ 128.207699] ---[ end trace ff0828d34a0b516e ]---
>
> subsequent errors after the above kernel crash (one cpu 100% busy):
>
> [ 128.262830] BUG: scheduling while atomic: kworker/0:1/55/0x10000001

.. snipped - not interesting, since a kworker dying will always result
in lots of noise.


2012-10-18 19:58:16

by Jussi Kivilinna

Subject: Re: Kernel 3.7.0-rc1 crash after TrueCrypt mount device on a computer with Intel i5

Quoting Linus Torvalds <[email protected]>:

> Krzysztof, please try to cc the appropriate people/list.
>
> I've added linux-crypto and the people who touched aesni-intel since
> 3.6, and am re-quoting the whole email (except for the continuation
> oopses that won't be relevant)
>
> It seems to crash on the very first instruction of _aesni_enc1,
> which is just a
>
> movaps (KEYP), KEY
>
> where on x86-32, KEYP is %edi and KEY is %xmm2.
>
> In the oops register dump, %edi is 0xf169fe64, which looks like a
> valid kernel pointer (depending on amount of memory), but it looks
> like the problem is that it's not 16-byte aligned.
>
> I dunno. None of the asm code seems to have changed since 3.6 afaik,
> so some calling code change triggers this? Guys, ideas?
>
> Linus

The problem is that aesni_enc is asmlinkage and it is cast to a non-asmlinkage
function pointer (when using XTS mode). It doesn't break on x86-64, but it does
on x86-32. My bad, sorry.

I'll send patch soon.

-Jussi
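As an added illustration of the fix pattern Jussi describes (this is example code written for this page, not the kernel's aesni-intel_glue.c, and it is not part of the thread): a stand-in ASMLINKAGE macro, a toy 16-byte block function, a wrapper that has exactly the callback's prototype, and the XTS tweak computation (E_K2(iv) multiplied by x^block in GF(2^128), little-endian) that such a tweak_fn callback feeds. The names toy_enc, toy_xts_tweak, tweak_fn_t, xts_tweak_for_block and gf128mul_x_ble, and the key and IV values, are constructed for the example. The macro expands to nothing so the program builds on any host; it therefore cannot reproduce the x86-32 crash, it shows the correct adapter shape and why it works: at the call inside the wrapper the compiler sees the real declaration of the callee and emits the matching argument transfer, whereas a pointer cast only silences the type checker.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Stand-in for the kernel's asmlinkage marker (assumption for this example).
 * In the kernel on x86-32, asmlinkage forces stack-based argument passing
 * while ordinary C functions use -mregparm=3; here it expands to nothing so
 * the program builds on any host. */
#define ASMLINKAGE

/* Prototype the (hypothetical) XTS walker expects for its tweak cipher. */
typedef void (*tweak_fn_t)(void *ctx, uint8_t *out, const uint8_t *in);

/* Toy 16-byte block function: rotate bytes and XOR with the key.
 * Constructed for illustration only; it is not AES and has no strength. */
struct toy_ctx { uint8_t key[16]; };

static ASMLINKAGE void toy_enc(struct toy_ctx *ctx, uint8_t *out, const uint8_t *in)
{
    for (size_t i = 0; i < 16; i++)
        out[i] = in[(i + 1) % 16] ^ ctx->key[i];
}

/* Adapter with exactly the callback's prototype (the shape of the fix).
 * The compiler sees toy_enc's real declaration here and emits the correct
 * argument transfer; casting the function pointer instead would leave the
 * callee reading its arguments from the wrong place on a mismatched ABI. */
static void toy_xts_tweak(void *ctx, uint8_t *out, const uint8_t *in)
{
    toy_enc(ctx, out, in);
}

/* Multiply a 128-bit value by x in GF(2^128), little-endian convention as in XTS. */
static void gf128mul_x_ble(uint8_t t[16])
{
    uint8_t carry = 0;
    for (int i = 0; i < 16; i++) {
        uint8_t next = t[i] >> 7;
        t[i] = (uint8_t)((t[i] << 1) | carry);
        carry = next;
    }
    if (carry)
        t[0] ^= 0x87;  /* reduction polynomial x^128 + x^7 + x^2 + x + 1 */
}

/* XTS tweak for block number `block` of a sector: T = E_K2(iv) * x^block.
 * `fn` is invoked through the callback type, exactly as a mode-of-operation
 * helper would call the tweak_fn it was handed. */
static void xts_tweak_for_block(tweak_fn_t fn, void *ctx, const uint8_t iv[16],
                                unsigned block, uint8_t t[16])
{
    fn(ctx, t, iv);
    for (unsigned i = 0; i < block; i++)
        gf128mul_x_ble(t);
}

/* Constructed inputs: key bytes all 0x5a, IV all zero. */
static void example_inputs(struct toy_ctx *ctx, uint8_t iv[16])
{
    memset(ctx->key, 0x5a, sizeof ctx->key);
    memset(iv, 0, 16);
}

/* Byte `idx` of the tweak for block `block`, computed via the typed wrapper. */
int tweak_byte(unsigned block, int idx)
{
    struct toy_ctx ctx;
    uint8_t iv[16], t[16];
    example_inputs(&ctx, iv);
    xts_tweak_for_block(toy_xts_tweak, &ctx, iv, block, t);
    return t[idx];
}

/* 1 if calling through the properly typed wrapper equals a direct toy_enc call. */
int wrapper_matches_direct(void)
{
    struct toy_ctx ctx;
    uint8_t iv[16], via_cb[16], direct[16];
    example_inputs(&ctx, iv);
    xts_tweak_for_block(toy_xts_tweak, &ctx, iv, 0, via_cb);
    toy_enc(&ctx, direct, iv);
    return memcmp(via_cb, direct, 16) == 0;
}

int main(void)
{
    for (unsigned b = 0; b < 3; b++) {
        printf("block %u tweak:", b);
        for (int i = 0; i < 16; i++)
            printf(" %02x", tweak_byte(b, i));
        printf("\n");
    }
    return wrapper_matches_direct() ? 0 : 1;
}
```

With the constructed key and IV, block 0 gives sixteen 0x5a bytes, block 1 sixteen 0xb4 bytes, and block 2 carries out of the top bit so byte 0 becomes 0xef and the rest 0x69. The design point is that toy_xts_tweak is the only place where the two prototypes meet, so the compiler, not a cast, is responsible for getting the argument passing right.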

2012-10-18 20:25:00

by Jussi Kivilinna

Subject: [PATCH] crypto: aesni - fix XTS mode on x86-32, add wrapper function for asmlinkage aesni_enc()

The calling convention for internal functions and 'asmlinkage' functions is
different on x86-32. Therefore do not directly cast aesni_enc as the XTS tweak
function, but use a wrapper function in between. Fixes crash with "XTS +
aesni_intel + x86-32" combination.

Cc: [email protected]
Reported-by: Krzysztof Kolasa <[email protected]>
Signed-off-by: Jussi Kivilinna <[email protected]>
---
arch/x86/crypto/aesni-intel_glue.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/arch/x86/crypto/aesni-intel_glue.c b/arch/x86/crypto/aesni-intel_glue.c
index 7c04d0d..1b9c22b 100644
--- a/arch/x86/crypto/aesni-intel_glue.c
+++ b/arch/x86/crypto/aesni-intel_glue.c
@@ -515,6 +515,11 @@ static int xts_aesni_setkey(struct crypto_tfm *tfm, const u8 *key,
}


+static void aesni_xts_tweak(void *ctx, u8 *out, const u8 *in)
+{
+ aesni_enc(ctx, out, in);
+}
+
static int xts_encrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
struct scatterlist *src, unsigned int nbytes)
{
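Review bot: the new aesni_xts_tweak() wrapper carries no comment explaining why it exists, so a later cleanup could fold it back into the cast it replaces; suggest a one-line comment above it, e.g. `/* aesni_enc() is asmlinkage; casting it to the tweak_fn type breaks the x86-32 calling convention */`. Passing `void *ctx` straight into aesni_enc() relies on the implicit void-pointer conversion, which is fine in C but worth a glance at the aesni_enc() prototype to confirm the context type matches.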
@@ -525,7 +530,7 @@ static int xts_encrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
.tbuflen = sizeof(buf),

.tweak_ctx = aes_ctx(ctx->raw_tweak_ctx),
- .tweak_fn = XTS_TWEAK_CAST(aesni_enc),
+ .tweak_fn = aesni_xts_tweak,
.crypt_ctx = aes_ctx(ctx->raw_crypt_ctx),
.crypt_fn = lrw_xts_encrypt_callback,
};
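Review bot: replacing XTS_TWEAK_CAST(aesni_enc) here and in xts_decrypt() below fixes this file, but the macro's whole purpose is to cast a cipher routine to the tweak_fn prototype, so any other x86 glue file that applies it to an asmlinkage routine has the same x86-32 mismatch; suggest checking the remaining XTS_TWEAK_CAST users in the same series.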
@@ -550,7 +555,7 @@ static int xts_decrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
.tbuflen = sizeof(buf),

.tweak_ctx = aes_ctx(ctx->raw_tweak_ctx),
- .tweak_fn = XTS_TWEAK_CAST(aesni_enc),
+ .tweak_fn = aesni_xts_tweak,
.crypt_ctx = aes_ctx(ctx->raw_crypt_ctx),
.crypt_fn = lrw_xts_decrypt_callback,
};

2012-10-18 20:34:27

by David Miller

Subject: Re: [PATCH] crypto: aesni - fix XTS mode on x86-32, add wrapper function for asmlinkage aesni_enc()

From: Jussi Kivilinna <[email protected]>
Date: Thu, 18 Oct 2012 23:24:57 +0300

> Calling convention for internal functions and 'asmlinkage' functions is
> different on x86-32. Therefore do not directly cast aesni_enc as XTS tweak
> function, but use wrapper function in between. Fixes crash with "XTS +
> aesni_intel + x86-32" combination.
>
> Cc: [email protected]
> Reported-by: Krzysztof Kolasa <[email protected]>
> Signed-off-by: Jussi Kivilinna <[email protected]>

Acked-by: David S. Miller <[email protected]>