On Wed, Dec 1, 2021 at 3:44 AM Jiri Slaby <jirislaby@xxxxxxxxxx> wrote:
>
> On 01. 12. 21, 9:00, Jiri Slaby wrote:
> > On 23. 11. 21, 22:48, Pasha Tatashin wrote:
> >> Add page table check hooks into routines that modify user page tables.
> >
> > Hi,
> >
> > I bisected to this as this causes crashes during modules load:
>
> And it's not enough to unset CONFIG_PAGE_TABLE_CHECK_ENFORCED. I had to
> unset CONFIG_PAGE_TABLE_CHECK completely to get rid of this.

Hi,

Thanks for reporting this. Seems like module load for some reason does
not like the static branches. However, I was not able to repro this.
Could you please share your config and the module that you were
loading?

Thank you,
Pasha

>
> > #PF: supervisor write access in kernel mode
> > #PF: error_code(0x0003) - permissions violation
> > PGD 6d615067 P4D 6d615067 PUD 6d616063 PMD 800000006d2001e1
> > Oops: 0003 [#1] PREEMPT SMP PTI
> > CPU: 0 PID: 6189 Comm: modprobe Kdump: loaded Tainted: G I E
> > 5.16.0-rc2-next-20211129-vanilla #3
> > 83846a405f0e3937f5c8dfbc7d449622b8f46369
> > Hardware name: To Be Filled By O.E.M. To Be Filled By O.E.M./To be
> > filled by O.E.M., BIOS SDBLI944.86P 05/08/2007
> > RIP: 0010:jump_label_module_notify (kernel/jump_label.c:370
> > kernel/jump_label.c:670 kernel/jump_label.c:748)
> > Code: 00 48 8b 43 08 a8 02 0f 85 e9 00 00 00 48 83 e0 fc 48 c7 02 00 00
> > 00 00 48 89 42 08 48 8b 43 08 83 e0 03 48 09 c2 48 83 ca 02 <48> 89 53
> > 08 4d 89 66 10 49 89 6e 08 48 8b 43 08 a8 02 0f 84 98 00
> > All code
> > ========
> >    0:   00 48 8b                add    %cl,-0x75(%rax)
> >    3:   43 08 a8 02 0f 85 e9    rex.XB or %bpl,-0x167af0fe(%r8)
> >    a:   00 00                   add    %al,(%rax)
> >    c:   00 48 83                add    %cl,-0x7d(%rax)
> >    f:   e0 fc                   loopne 0xd
> >   11:   48 c7 02 00 00 00 00    movq   $0x0,(%rdx)
> >   18:   48 89 42 08             mov    %rax,0x8(%rdx)
> >   1c:   48 8b 43 08             mov    0x8(%rbx),%rax
> >   20:   83 e0 03                and    $0x3,%eax
> >   23:   48 09 c2                or     %rax,%rdx
> >   26:   48 83 ca 02             or     $0x2,%rdx
> >   2a:*  48 89 53 08             mov    %rdx,0x8(%rbx)     <--
> > trapping instruction
> >   2e:   4d 89 66 10             mov    %r12,0x10(%r14)
> >   32:   49 89 6e 08             mov    %rbp,0x8(%r14)
> >   36:   48 8b 43 08             mov    0x8(%rbx),%rax
> >   3a:   a8 02                   test   $0x2,%al
> >   3c:   0f                      .byte 0xf
> >   3d:   84                      .byte 0x84
> >   3e:   98                      cwtl
> >     ...
> >
> > Code starting with the faulting instruction
> > ===========================================
> >    0:   48 89 53 08             mov    %rdx,0x8(%rbx)
> >    4:   4d 89 66 10             mov    %r12,0x10(%r14)
> >    8:   49 89 6e 08             mov    %rbp,0x8(%r14)
> >    c:   48 8b 43 08             mov    0x8(%rbx),%rax
> >   10:   a8 02                   test   $0x2,%al
> >   12:   0f                      .byte 0xf
> >   13:   84                      .byte 0x84
> >   14:   98                      cwtl
> >     ...
> > RSP: 0018:ffffaf4dc051fbe8 EFLAGS: 00010282
> > RAX: 0000000000000001 RBX: ffffffff931ee760 RCX: 0000000000000001
> > RDX: ffff9d1aa7d43883 RSI: ffffffff91c50aa0 RDI: ffffffff931ee760
> > RBP: ffffffffc0782000 R08: 0000000000000020 R09: 0000000000000000
> > R10: ffff9d1aa7d43880 R11: 0000000000000000 R12: ffffffffc079a980
> > R13: ffffffffc0784080 R14: ffff9d1aa7d43ca0 R15: ffffffffc0782008
> > FS: 00007f87104b8740(0000) GS:ffff9d1b45c00000(0000)
> > knlGS:0000000000000000
> > CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> > CR2: ffffffff931ee768 CR3: 000000010fdce000 CR4: 00000000000006f0
> > Call Trace:
> > <TASK>
> > blocking_notifier_call_chain_robust (kernel/notifier.c:83
> > kernel/notifier.c:118 kernel/notifier.c:283 kernel/notifier.c:271)
> > load_module (./include/linux/notifier.h:198 kernel/module.c:3923
> > kernel/module.c:4100)
> > __do_sys_finit_module (kernel/module.c:4224)
> > do_syscall_64 (arch/x86/entry/common.c:50 arch/x86/entry/common.c:80)
> > entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:113)
> >
> >> Signed-off-by: Pasha Tatashin <pasha.tatashin@xxxxxxxxxx>
> >> ---
> >> arch/x86/Kconfig | 1 +
> >> arch/x86/include/asm/pgtable.h | 29 +++++++++++++++++++++++++++--
> >> 2 files changed, 28 insertions(+), 2 deletions(-)
> >>
> >
> > regards,
> >
> --
> js
> suse labs