On 2021/04/15 0:39, Andrey Konovalov wrote:
> On Wed, Apr 14, 2021 at 7:45 AM Dmitry Vyukov <dvyukov@xxxxxxxxxx> wrote:
>>
>> On Tue, Apr 13, 2021 at 11:27 PM syzbot
>> <syzbot+9ce030d4c89856b27619@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
>>>
>>> Hello,
>>>
>>> syzbot found the following issue on:
>>>
>>> HEAD commit: 89698bec Merge tag 'm68knommu-for-v5.12-rc7' of git://git...
>>> git tree: upstream
>>> console output: https://syzkaller.appspot.com/x/log.txt?x=1243fcfed00000
>>> kernel config: https://syzkaller.appspot.com/x/.config?x=b234ddbbe2953747
>>> dashboard link: https://syzkaller.appspot.com/bug?extid=9ce030d4c89856b27619
>>> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=173e92fed00000
>>> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=1735da2ed00000
>>>
>>> IMPORTANT: if you fix the issue, please add the following tag to the commit:
>>> Reported-by: syzbot+9ce030d4c89856b27619@xxxxxxxxxxxxxxxxxxxxxxxxx
>>>
>>> output_len: 0x000000000e74eb68
>>> kernel_total_size: 0x000000000f226000
>>> needed_size: 0x000000000f400000
>>> trampoline_32bit: 0x000000000009d000
>>> Decompressing Linux... Parsing ELF... done.
>>> Booting the kernel.
>>
>> +linux-input
>>
>> The reproducer connects some USB HID device and communicates with the driver.
>> Previously we observed reboots because HID devices can trigger reboot
>> SYSRQ, but we disable it with "CONFIG_MAGIC_SYSRQ is not set".
>> How else can a USB device reboot the machine? Is it possible to disable it?
>> I don't see any direct includes of <linux/reboot.h> in drivers/usb/*
>
> This happens when a keyboard sends the Ctrl+Alt+Del sequence, see
> fn_boot_it()->ctrl_alt_del() in drivers/tty/vt/keyboard.c.
>
> There was a patchset by Tetsuo [1] to suppress this, but I think it
> was abandoned.

Not abandoned; I'm waiting for you to join the discussion.
But for right now I'm trying to merge LOCKDEP's capacity tuning patch
for https://github.com/google/syzkaller/pull/2535 in the next merge window.

I still believe that ctrl_alt_del() etc. should be initially controlled
via kernel config options (despite Linus's objection at
https://lore.kernel.org/lkml/CAHk-=wgz=7MGxxX-tmMmdCsKyYJkuyxNc-4uLP=e_eEV=OzUaw@xxxxxxxxxxxxxx/ ),
for we will need several trials and errors (and an effort to avoid kernel
size bloating like https://lkml.kernel.org/r/YD57hjaSmsYapHnQ@alley still
remains) before we can determine usable units for allowing toggling via
kernel command line options.

>
> (This reminds me of a somewhat related syzkaller issue:
> https://github.com/google/syzkaller/issues/1824; it relies on a
> similar reproducer.)
>
> [1] https://groups.google.com/g/syzkaller/c/7wCmrGlLgm0/m/5yG6HVtbBQAJ
>