Bug 132997
| Summary: | Signed module causes unaligned kernel access | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 4 | Reporter: | H.J. Lu <hongjiu.lu> | ||||
| Component: | kernel | Assignee: | David Howells <dhowells> | ||||
| Status: | CLOSED WORKSFORME | QA Contact: | Brian Brock <bbrock> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | 4.0 | CC: | jbaron, jturner, wtogami | ||||
| Target Milestone: | --- | Keywords: | Reopened | ||||
| Target Release: | --- | ||||||
| Hardware: | ia64 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2007-02-08 17:00:13 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
kernel unaligned accesses are legal and usually not a problem I'll neuter the warning 2.6.8-1.603 still reports: kernel unaligned access to 0xa0000002002d805e, ip=0xa0000001002112e0 kernel unaligned access to 0xa0000002002d806e, ip=0xa0000001002112e0 kernel unaligned access to 0xa0000002002d807e, ip=0xa0000001002112e0 kernel unaligned access to 0xa0000002002d808e, ip=0xa0000001002112e0 2.6.9-1.648_EL has the same problem: kernel unaligned access to 0xa00000020039805f, ip=0xa000000100215c80 kernel unaligned access to 0xa00000020039806f, ip=0xa000000100215c80 kernel unaligned access to 0xa00000020039807f, ip=0xa000000100215c80 kernel unaligned access to 0xa00000020039808f, ip=0xa000000100215c80 I have a patch for this. The problem is that the SHA1 crypto code is given a u8* to the buffer it is to digest, but then reads from it as u32* under certain circumstances. Situations can be contrived in which the u32* will be misaligned, either by preloading the digest with an odd number of bytes or by passing it a pointer that's not aligned on a 32-bit boundary. For most archs, this shouldn't be a problem as fixing up is possible, if not trivial; but for some archs fixing up isn't possible. So I've made the patch fix SHA1 rather than removing the warning from IA64. Created attachment 106966 [details]
Patch to fix SHA1's potential misaligned accesses
This patch works for me. Fix confirmed with latest code. Closing out. REOPENED status has been deprecated. ASSIGNED with keyword of Reopened is preferred. closed per comment #17. If anyone would like to revisit this issue, please reopen if need to. |
Starting from 1-579 kernel, signed module causes unaligned kernel access on ia64. I am getting kernel unaligned access to 0xa0000002002e47ee, ip=0xa000000100211960 Call Trace: [<a000000100017490>] show_stack+0x90/0xc0 sp=e00000017b8cf610 bsp=e00000017b8c9330 [<a0000001000174f0>] dump_stack+0x30/0x60 sp=e00000017b8cf7e0 bsp=e00000017b8c9318 [<a000000100043100>] ia64_handle_unaligned+0x540/0x2600 sp=e00000017b8cf7e0 bsp=e00000017b8c9290 [<a0000001000101b0>] ia64_prepare_handle_unaligned+0x30/0x60 sp=e00000017b8cf990 bsp=e00000017b8c9290 [<a00000010000fbe0>] ia64_leave_kernel+0x0/0x260 sp=e00000017b8cfba0 bsp=e00000017b8c9290 [<a000000100211960>] sha1_transform+0x60/0x3160 sp=e00000017b8cfd70 bsp=e00000017b8c9128 [<a000000100214c60>] sha1_update+0x120/0x1a0 sp=e00000017b8cfda0 bsp=e00000017b8c90e0 [<a00000010020fd40>] update_kernel+0x60/0x100 sp=e00000017b8cfda0 bsp=e00000017b8c90b0 [<a0000001000b3340>] module_verify_sig+0x660/0x740 sp=e00000017b8cfda0 bsp=e00000017b8c8ff0 [<a0000001000aed80>] load_module+0x7e0/0x2ba0 sp=e00000017b8cfda0 bsp=e00000017b8c8ec0 [<a0000001000b1220>] sys_init_module+0xe0/0x640 sp=e00000017b8cfe30 bsp=e00000017b8c8e50 [<a00000010000fa80>] ia64_ret_from_syscall+0x0/0x20 sp=e00000017b8cfe30 bsp=e00000017b8c8e50 [<a000000000010620>] 0xa000000000010620 sp=e00000017b8d0000 bsp=e00000017b8c8e50