Re: Unaligned kernel access in crypto/sha1.c

From: Andrew Morton
Date: Mon Sep 20 2004 - 13:41:06 EST

Next message: Dipankar Sarma: "Re: [patch 2/3] Remove d_bucket"
Previous message: Brad Campbell: "2.6.9-rc2 kswapd0: page allocation failure. order:2, mode:0x20"
In reply to: H. J. Lu: "Re: Unaligned kernel access in crypto/sha1.c"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

"H. J. Lu" <hjl@xxxxxxxxx> wrote:
>
> On Fri, Sep 17, 2004 at 10:11:08PM -0700, Andrew Morton wrote:
> > "H. J. Lu" <hjl@xxxxxxxxx> wrote:
> > >
> > > I got
> > >
> > > Sep 16 15:45:32 gnu-2 kernel: kernel unaligned access to
> > > 0xa0000002001c008e, ip=0xa0000001002135e0
> > > Sep 16 15:45:37 gnu-2 kernel: kernel unaligned access to
> > > 0xa0000002002d005e, ip=0xa0000001002135e0
> > > Sep 16 15:45:37 gnu-2 kernel: kernel unaligned access to
> > > 0xa0000002002d006e, ip=0xa0000001002135e0
> > > Sep 16 15:45:37 gnu-2 kernel: kernel unaligned access to
> > > 0xa0000002002d007e, ip=0xa0000001002135e0
> > > Sep 16 15:45:37 gnu-2 kernel: kernel unaligned access to
> > > 0xa0000002002d008e, ip=0xa0000001002135e0
> > >
> > > on ia64 from sha1_transform in crypto/sha1.c:
> > >
> > > /* Hash a single 512-bit block. This is the core of the algorithm. */
> > > static void sha1_transform(u32 *state, const u8 *in)
> > > {
> > > u32 a, b, c, d, e;
> > > u32 block32[16];
> > >
> > > /* convert/copy data to workspace */
> > > for (a = 0; a < sizeof(block32)/sizeof(u32); a++)
> > > block32[a] = be32_to_cpu (((const u32 *)in)[a]);
> > > ^^^^^^^^^^^^^^^^
> > > This may not be aligned for u32 on ia64.
> > >
> > >
> >
> > We really need to know the call trace here.
> >
>
> This is from a kernel with signed module support.
>
> kernel unaligned access to 0xa0000002002e47ee, ip=0xa000000100211960
>
> Call Trace:
> [<a000000100017490>] show_stack+0x90/0xc0
> sp=e00000017b8cf610
> bsp=e00000017b8c9330
> [<a0000001000174f0>] dump_stack+0x30/0x60
> sp=e00000017b8cf7e0
> bsp=e00000017b8c9318
> [<a000000100043100>] ia64_handle_unaligned+0x540/0x2600
> sp=e00000017b8cf7e0
> bsp=e00000017b8c9290
> [<a0000001000101b0>] ia64_prepare_handle_unaligned+0x30/0x60
> sp=e00000017b8cf990
> bsp=e00000017b8c9290
> [<a00000010000fbe0>] ia64_leave_kernel+0x0/0x260
> sp=e00000017b8cfba0
> bsp=e00000017b8c9290
> [<a000000100211960>] sha1_transform+0x60/0x3160
> sp=e00000017b8cfd70
> bsp=e00000017b8c9128
> [<a000000100214c60>] sha1_update+0x120/0x1a0
> sp=e00000017b8cfda0
> bsp=e00000017b8c90e0
> [<a00000010020fd40>] update_kernel+0x60/0x100
> sp=e00000017b8cfda0
> bsp=e00000017b8c90b0
> [<a0000001000b3340>] module_verify_sig+0x660/0x740
> sp=e00000017b8cfda0

The bug is in either module_verify_sig() or in update_kernel().

Neither of these functions are present in kernel.org kernels, so there's
some sort of lesson there.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Dipankar Sarma: "Re: [patch 2/3] Remove d_bucket"
Previous message: Brad Campbell: "2.6.9-rc2 kswapd0: page allocation failure. order:2, mode:0x20"
In reply to: H. J. Lu: "Re: Unaligned kernel access in crypto/sha1.c"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]