Re: WARNING in ion_ioctl
From: Greg KH
Date: Thu Jan 04 2018 - 09:06:57 EST
On Thu, Jan 04, 2018 at 05:57:01AM -0800, syzbot wrote:
> Hello,
>
> syzkaller hit the following crash on
> 71ee203389f7cb1c1927eab22b95baa01405791c
> git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/master
> compiler: gcc (GCC) 7.1.1 20170620
> .config is attached
> Raw console output is attached.
> C reproducer is attached
> syzkaller reproducer is attached. See https://goo.gl/kgGztJ
> for information about syzkaller reproducers
>
>
> IMPORTANT: if you fix the bug, please add the following tag to the commit:
> Reported-by: syzbot+fa2d5f63ee5904a0115a@xxxxxxxxxxxxxxxxxxxxxxxxx
> It will help syzbot understand when the bug is fixed. See footer for
> details.
> If you forward the report, please keep this part and the footer.
>
> audit: type=1400 audit(1514734723.062:7): avc: denied { map } for
> pid=3502 comm="syzkaller809746" path="/root/syzkaller809746698" dev="sda1"
> ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023
> tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
> WARNING: CPU: 0 PID: 3502 at drivers/staging/android/ion/ion-ioctl.c:73
> ion_ioctl+0x2db/0x380 drivers/staging/android/ion/ion-ioctl.c:73
> Kernel panic - not syncing: panic_on_warn set ...
This is to be expected when you pass in a crappy ion ioctl structure.
So don't do that :)
Yeah, it's a harsh warning, but I think the userspace developers like it
to ensure they got their implementation correct.
After the warning is thrown, all keeps working just fine.
thanks,
greg k-h