| Message ID | 20220810061842.13755-1-palmer@rivosinc.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | RISC-V: defconfig: Remove CONFIG_SECURITY | expand |
On Tue, 09 Aug 2022 23:18:42 PDT (-0700), Palmer Dabbelt wrote: > A handful of security-related entries were added to defconfig in > ba6cfef057e1 ("riscv: enable Docker requirements in defconfig"), and > while they weren't triggering any issues in that actual commit they are > tripping up kasan after the merge. Remove them, so we get back to a > working defconfig. > > Fixes: 4d1044fcb996 ("Merge tag 'riscv-for-linus-5.20-mw0' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux") > Signed-off-by: Palmer Dabbelt <palmer@rivosinc.com> > --- > I'm not entirely sure what's going on here: just cherry-picking that > defconfig onto the merge base of ea0c39260d0c ("Merge tag '9p-for-5.20' > of https://github.com/martinetd/linux") start triggering kasan failures > along the lines of > > [ 2.497182] Unable to handle kernel paging request at virtual address ffebfffefffef000 > [ 2.498067] Oops [#1] > [ 2.498304] Modules linked in: > [ 2.498703] CPU: 3 PID: 88 Comm: mount Not tainted 5.19.0-14658-g318ec69153ba #16 > [ 2.499169] Hardware name: riscv-virtio,qemu (DT) > [ 2.499581] epc : kasan_check_range+0x116/0x14c > [ 2.500812] ra : memset+0x1e/0x4c > [ 2.501092] epc : ffffffff8025c7da ra : ffffffff8025ceba sp : ff6000008307fa60 > [ 2.501451] gp : ffffffff81d6d100 tp : ff60000082fd3c00 t0 : ff6000008307fb30 > [ 2.501802] t1 : ffebfffefffef000 t2 : 0000000000000000 s0 : ff6000008307fa90 > [ 2.502153] s1 : 0000000000000004 a0 : 0000000000000010 a1 : 0000000000000004 > [ 2.502493] a2 : 0000000000000001 a3 : ffffffff801f3022 a4 : ff5ffffffff78000 > [ 2.502842] a5 : ffebfffefffef000 a6 : ffebfffefffef001 a7 : ff5ffffffff78003 > [ 2.503197] s2 : ff5ffffffff78000 s3 : 0000000000000000 s4 : ffffffff8159de88 > [ 2.503545] s5 : ff600001f7de99c0 s6 : ffffffff81d6e640 s7 : ffffffff81d78060 > [ 2.503913] s8 : ff60000080ffad38 s9 : ff5ffffffff78000 s10: 0000000000000008 > [ 2.504465] s11: 0000000000000010 t3 : 0000000000000000 t4 : ffebfffefffef000 > [ 2.504860] t5 : ffebfffefffef001 t6 : 0000000000000002 > [ 2.505142] status: 0000000000000120 badaddr: ffebfffefffef000 cause: 000000000000000d > [ 2.505570] [<ffffffff801f3022>] pcpu_alloc+0x454/0x7d4 > [ 2.505925] [<ffffffff801f33ce>] __alloc_percpu+0x14/0x1c > [ 2.506227] [<ffffffff800901bc>] __percpu_init_rwsem+0x1a/0x98 > [ 2.506546] [<ffffffff8027f018>] alloc_super+0xfc/0x3da > [ 2.506837] [<ffffffff8027fefc>] sget_fc+0x90/0x2c4 > [ 2.507116] [<ffffffff802808a2>] get_tree_nodev+0x24/0xa4 > [ 2.507410] [<ffffffff801e2564>] shmem_get_tree+0x14/0x1c > [ 2.507705] [<ffffffff8027e840>] vfs_get_tree+0x3a/0x11a > [ 2.508009] [<ffffffff802b2b54>] path_mount+0x2f4/0xbd6 > [ 2.508784] [<ffffffff802b3b2c>] sys_mount+0x1ae/0x26c > [ 2.509099] [<ffffffff80003b10>] ret_from_syscall+0x0/0x2 > [ 2.509787] ---[ end trace 0000000000000000 ]--- > > they're only showing up on the QEMU virt "-smp 8" (not "-smp 4"). I'm > pretty confident there's some other bug lurking here and we've just > happened to uncover it, and while I hate to drop parts of the config > it's just too much of a headache to have a broken defconfig whih kasan > enabled. > --- > arch/riscv/configs/defconfig | 4 ---- > 1 file changed, 4 deletions(-) > > diff --git a/arch/riscv/configs/defconfig b/arch/riscv/configs/defconfig > index aed332a9d4ea..3ae79af77806 100644 > --- a/arch/riscv/configs/defconfig > +++ b/arch/riscv/configs/defconfig > @@ -179,10 +179,6 @@ CONFIG_ROOT_NFS=y > CONFIG_9P_FS=y > CONFIG_NLS_CODEPAGE_437=y > CONFIG_NLS_ISO8859_1=m > -CONFIG_SECURITY=y > -CONFIG_SECURITY_SELINUX=y > -CONFIG_SECURITY_APPARMOR=y > -CONFIG_DEFAULT_SECURITY_DAC=y > CONFIG_CRYPTO_USER_API_HASH=y > CONFIG_CRYPTO_DEV_VIRTIO=y > CONFIG_PRINTK_TIME=y Looks like this one has been fixed somewhere in Linus' tree already, so I'm dropping it.
diff --git a/arch/riscv/configs/defconfig b/arch/riscv/configs/defconfig index aed332a9d4ea..3ae79af77806 100644 --- a/arch/riscv/configs/defconfig +++ b/arch/riscv/configs/defconfig @@ -179,10 +179,6 @@ CONFIG_ROOT_NFS=y CONFIG_9P_FS=y CONFIG_NLS_CODEPAGE_437=y CONFIG_NLS_ISO8859_1=m -CONFIG_SECURITY=y -CONFIG_SECURITY_SELINUX=y -CONFIG_SECURITY_APPARMOR=y -CONFIG_DEFAULT_SECURITY_DAC=y CONFIG_CRYPTO_USER_API_HASH=y CONFIG_CRYPTO_DEV_VIRTIO=y CONFIG_PRINTK_TIME=y
A handful of security-related entries were added to defconfig in ba6cfef057e1 ("riscv: enable Docker requirements in defconfig"), and while they weren't triggering any issues in that actual commit they are tripping up kasan after the merge. Remove them, so we get back to a working defconfig. Fixes: 4d1044fcb996 ("Merge tag 'riscv-for-linus-5.20-mw0' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux") Signed-off-by: Palmer Dabbelt <palmer@rivosinc.com> --- I'm not entirely sure what's going on here: just cherry-picking that defconfig onto the merge base of ea0c39260d0c ("Merge tag '9p-for-5.20' of https://github.com/martinetd/linux") start triggering kasan failures along the lines of [ 2.497182] Unable to handle kernel paging request at virtual address ffebfffefffef000 [ 2.498067] Oops [#1] [ 2.498304] Modules linked in: [ 2.498703] CPU: 3 PID: 88 Comm: mount Not tainted 5.19.0-14658-g318ec69153ba #16 [ 2.499169] Hardware name: riscv-virtio,qemu (DT) [ 2.499581] epc : kasan_check_range+0x116/0x14c [ 2.500812] ra : memset+0x1e/0x4c [ 2.501092] epc : ffffffff8025c7da ra : ffffffff8025ceba sp : ff6000008307fa60 [ 2.501451] gp : ffffffff81d6d100 tp : ff60000082fd3c00 t0 : ff6000008307fb30 [ 2.501802] t1 : ffebfffefffef000 t2 : 0000000000000000 s0 : ff6000008307fa90 [ 2.502153] s1 : 0000000000000004 a0 : 0000000000000010 a1 : 0000000000000004 [ 2.502493] a2 : 0000000000000001 a3 : ffffffff801f3022 a4 : ff5ffffffff78000 [ 2.502842] a5 : ffebfffefffef000 a6 : ffebfffefffef001 a7 : ff5ffffffff78003 [ 2.503197] s2 : ff5ffffffff78000 s3 : 0000000000000000 s4 : ffffffff8159de88 [ 2.503545] s5 : ff600001f7de99c0 s6 : ffffffff81d6e640 s7 : ffffffff81d78060 [ 2.503913] s8 : ff60000080ffad38 s9 : ff5ffffffff78000 s10: 0000000000000008 [ 2.504465] s11: 0000000000000010 t3 : 0000000000000000 t4 : ffebfffefffef000 [ 2.504860] t5 : ffebfffefffef001 t6 : 0000000000000002 [ 2.505142] status: 0000000000000120 badaddr: ffebfffefffef000 cause: 000000000000000d [ 2.505570] [<ffffffff801f3022>] pcpu_alloc+0x454/0x7d4 [ 2.505925] [<ffffffff801f33ce>] __alloc_percpu+0x14/0x1c [ 2.506227] [<ffffffff800901bc>] __percpu_init_rwsem+0x1a/0x98 [ 2.506546] [<ffffffff8027f018>] alloc_super+0xfc/0x3da [ 2.506837] [<ffffffff8027fefc>] sget_fc+0x90/0x2c4 [ 2.507116] [<ffffffff802808a2>] get_tree_nodev+0x24/0xa4 [ 2.507410] [<ffffffff801e2564>] shmem_get_tree+0x14/0x1c [ 2.507705] [<ffffffff8027e840>] vfs_get_tree+0x3a/0x11a [ 2.508009] [<ffffffff802b2b54>] path_mount+0x2f4/0xbd6 [ 2.508784] [<ffffffff802b3b2c>] sys_mount+0x1ae/0x26c [ 2.509099] [<ffffffff80003b10>] ret_from_syscall+0x0/0x2 [ 2.509787] ---[ end trace 0000000000000000 ]--- they're only showing up on the QEMU virt "-smp 8" (not "-smp 4"). I'm pretty confident there's some other bug lurking here and we've just happened to uncover it, and while I hate to drop parts of the config it's just too much of a headache to have a broken defconfig whih kasan enabled. --- arch/riscv/configs/defconfig | 4 ---- 1 file changed, 4 deletions(-)