This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.



[Bug runtime/17862] New: Kernel crash during on module insertion: kernel tried to execute NX-protected page - exploit attempt


https://sourceware.org/bugzilla/show_bug.cgi?id=17862

            Bug ID: 17862
           Summary: Kernel crash during on module insertion: kernel tried
                    to execute NX-protected page - exploit attempt
           Product: systemtap
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: runtime
          Assignee: systemtap at sourceware dot org
          Reporter: izi at guardicore dot com

Getting an error of "kernel tried to execute NX-protected page - exploit
attempt" in syslog during module insertion. Problem is not reproduced on every
run, possibly due to races with other modules which are loaded at the same
time.

Attached is the failed script, which is precompiled into a .ko, and the
stap-report data.

Jan 21 02:59:15 ldsm kernel: [   13.454242] g_2475: systemtap: 2.6/0.157, base:
ffffffffa02d2000, memory: 221data/56text/64ctx/2058net/9alloc kb, probes: 7
Jan 21 02:59:15 ldsm kernel: [   13.489567] g_2471: systemtap: 2.6/0.157, base:
ffffffffa024d000, memory: 411data/88text/4417ctx/2058net/649alloc kb, probes:
10
Jan 21 02:59:15 ldsm kernel: [   13.542182] gc_2480: systemtap: 2.6/0.157,
base: ffffffffa031f000, memory: 195data/52text/960ctx/2058net/9alloc kb,
probes: 2
Jan 21 02:59:15 ldsm kernel: [   13.562902] g_2486: systemtap: 2.6/0.157, base:
ffffffffa035e000, memory: 191data/48text/448ctx/2058net/9alloc kb, probes: 2
Jan 21 02:59:15 ldsm kernel: [   13.580491] kernel tried to execute
NX-protected page - exploit attempt? (uid: 0)
Jan 21 02:59:15 ldsm kernel: [   13.580673] BUG: unable to handle kernel paging
request at ffff88003b22c0e1
Jan 21 02:59:15 ldsm kernel: [   13.580841] IP: [<ffff88003b22c0e1>]
0xffff88003b22c0e0
Jan 21 02:59:15 ldsm kernel: [   13.581018] PGD 1fd1067 PUD 1fd2067 PMD
3bd95063 PTE 800000003b22c163
Jan 21 02:59:15 ldsm kernel: [   13.581190] Oops: 0011 [#1] SMP
Jan 21 02:59:15 ldsm kernel: [   13.581346] Modules linked in: gc__2489(OF)
g_2486(OF) gc_2480(OF) g_2475(OF) g_2471(OF) veth(F) arc4(F) md4(F) nls_utf8
cifs(F) fscache(F) openvswitch gre(F) snd_hda_intel cirrus snd_hda_codec
snd_hwdep(F) microcode(F) ttm drm_kms_helper snd_pcm(F) snd_page_alloc(F)
snd_timer(F) psmouse(F) snd(F) serio_raw(F) virtio_balloon(F) soundcore(F) drm
syscopyarea(F) sysfillrect(F) sysimgblt(F) i2c_piix4 mac_hid lp(F) parport(F)
ext2(F) 8139too(F) 8139cp(F) mii(F) floppy(F)
Jan 21 02:59:15 ldsm kernel: [   13.582014] CPU: 0 PID: 2496 Comm: ntpd
Tainted: GF          O 3.11.0-12-generic #19-Ubuntu
Jan 21 02:59:15 ldsm kernel: [   13.582183] Hardware name: QEMU Standard PC
(i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
Jan 21 02:59:15 ldsm kernel: [   13.582352] task: ffff8800299bc650 ti:
ffff88002977e000 task.ti: ffff88002977e000
Jan 21 02:59:15 ldsm kernel: [   13.582515] RIP: 0010:[<ffff88003b22c0e1>] 
[<ffff88003b22c0e1>] 0xffff88003b22c0e0
Jan 21 02:59:15 ldsm kernel: [   13.582687] RSP: 0018:ffff88002977ff20  EFLAGS:
00010286
Jan 21 02:59:15 ldsm kernel: [   13.582843] RAX: ffff88003b22c0e1 RBX:
ffff88002977ff58 RCX: 0000000000000003
Jan 21 02:59:15 ldsm kernel: [   13.583005] RDX: 0000000000000000 RSI:
ffff88002977ff58 RDI: ffff880036c617a0
Jan 21 02:59:15 ldsm kernel: [   13.583168] RBP: ffff88002977ff40 R08:
000000000155629b R09: 0000000000000001
Jan 21 02:59:15 ldsm kernel: [   13.583333] R10: ffffea0000f33600 R11:
ffffffffa02dcc5c R12: ffff88003cc4c430
Jan 21 02:59:15 ldsm kernel: [   13.583496] R13: 0000000000000000 R14:
0000000000000000 R15: 0000000000000000
Jan 21 02:59:15 ldsm kernel: [   13.583659] FS:  0000000000000000(0000)
GS:ffff88003fc00000(0000) knlGS:0000000000000000
Jan 21 02:59:15 ldsm kernel: [   13.583826] CS:  0010 DS: 0000 ES: 0000 CR0:
000000008005003b
Jan 21 02:59:15 ldsm kernel: [   13.583984] CR2: ffff88003b22c0e1 CR3:
000000002979f000 CR4: 00000000000006f0
Jan 21 02:59:15 ldsm kernel: [   13.584020] Stack:
Jan 21 02:59:15 ldsm kernel: [   13.584020]  ffffffff8101fb17 0000000000000000
0000000000000000 0000000000000000
Jan 21 02:59:15 ldsm kernel: [   13.584020]  0000000000000000 ffffffff816f54bf
000000001008feff 0000000000000000
Jan 21 02:59:15 ldsm kernel: [   13.584020]  0000000000000000 0000000000000000
0000000000000000 0000000000000000
Jan 21 02:59:15 ldsm kernel: [   13.584020] Call Trace:
Jan 21 02:59:15 ldsm kernel: [   13.584020]  [<ffffffff8101fb17>] ?
syscall_trace_leave+0xd7/0xf0
Jan 21 02:59:15 ldsm kernel: [   13.584020]  [<ffffffff816f54bf>]
int_check_syscall_exit_work+0x34/0x3d
Jan 21 02:59:15 ldsm kernel: [   13.584020] Code: 00 00 07 00 00 00 00 00 00 00
58 99 c0 3c 00 88 ff ff 00 68 4d 3b 00 88 ff ff d0 99 c0 3c 00 88 ff ff d0 99
c0 3c 00 88 ff ff 60 <db> 25 3b 00 88 ff ff e0 c4 c4 3c 00 88 ff ff 20 c4 c4 3c
00 88
Jan 21 02:59:15 ldsm kernel: [   13.584020] RIP  [<ffff88003b22c0e1>]
0xffff88003b22c0e0
Jan 21 02:59:15 ldsm kernel: [   13.584020]  RSP <ffff88002977ff20>
Jan 21 02:59:15 ldsm kernel: [   13.584020] CR2: ffff88003b22c0e1
Jan 21 02:59:15 ldsm kernel: [   13.584020] ---[ end trace e1a4d67e626da1fa
]---

-- 
You are receiving this mail because:
You are the assignee for the bug.
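
The fields that identify this oops as an NX execute fault can be decoded mechanically. The following is an added example, not part of the original report or of systemtap: it reads the "Oops:" error code and the PTE value from the log above using the x86-64 bit layouts. The PAGE_OFFSET value is an assumption (the usual direct-map base for a 3.11 x86_64 kernel, which has no base randomization).

```python
import re

# Oops lines copied from the report above; mail line wraps joined and the
# syslog "Jan 21 ... kernel:" prefix dropped for width.
OOPS = """\
[   13.580673] BUG: unable to handle kernel paging request at ffff88003b22c0e1
[   13.581018] PGD 1fd1067 PUD 1fd2067 PMD 3bd95063 PTE 800000003b22c163
[   13.581190] Oops: 0011 [#1] SMP
[   13.582515] RIP: 0010:[<ffff88003b22c0e1>]  [<ffff88003b22c0e1>] 0xffff88003b22c0e0
"""

PAGE_OFFSET = 0xFFFF880000000000  # assumption: direct-map base on this kernel
PTE_FLAGS = {0: "P", 1: "RW", 2: "US", 3: "PWT", 4: "PCD",
             5: "A", 6: "D", 7: "PAT", 8: "G", 63: "NX"}

def decode_error_code(code):
    """x86 page-fault error code bits as printed after 'Oops:' (hex)."""
    return {"present": bool(code & 1), "write": bool(code & 2),
            "user_mode": bool(code & 4), "reserved_bit": bool(code & 8),
            "instruction_fetch": bool(code & 16)}

def decode_pte(pte):
    """Return (set flag names, physical frame address) for a 4K PTE."""
    flags = [name for bit, name in PTE_FLAGS.items() if (pte >> bit) & 1]
    return flags, pte & 0x000FFFFFFFFFF000

def analyze(text):
    def grab(pattern):
        return int(re.search(pattern, text).group(1), 16)
    fault = grab(r"paging request at ([0-9a-f]+)")
    pte = grab(r"PTE ([0-9a-f]+)")
    err = decode_error_code(grab(r"Oops: ([0-9a-f]{4})"))
    rip = grab(r"RIP: \w+:\[<([0-9a-f]+)>\]")
    flags, frame = decode_pte(pte)
    return {
        # Page is mapped, the access was an instruction fetch, and NX is set.
        "nx_exec_fault": err["present"] and err["instruction_fetch"] and "NX" in flags,
        "kernel_mode": not err["user_mode"],
        # The CPU faulted on the very address it was asked to execute.
        "rip_is_fault_addr": rip == fault,
        # Fault address minus direct-map base equals the PTE's physical address.
        "in_direct_map": (fault - PAGE_OFFSET) == (frame | (fault & 0xFFF)),
        "pte_flags": flags,
    }

if __name__ == "__main__":
    for key, value in analyze(OOPS).items():
        print(f"{key}: {value}")
```

For this log every check is true: a kernel-mode instruction fetch landed on a present, writable, non-executable page whose address lies in the direct map, which means control was transferred to a data page rather than to module or kernel text.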

