Bug#902891: nvidia-kernel-source: usercopy: Kernel memory exposure attempt detected from SLUB object 'nvidia_stack_cache'
Michael Welsh Duggan
md5i at md5i.com
Tue Jul 3 00:14:48 BST 2018
Package: nvidia-kernel-source
Version: 390.67-1
Severity: important
Dear Maintainer,
When I upgraded to nvidia 390.67-1 and linux-image-4.16.0-2-amd64
4.16.16-2 at the same time, I got the kernel error below, the first line
of which reads:
Jul 2 18:08:06 maru2 kernel: [ 13.368235] usercopy: Kernel memory exposure attempt detected from SLUB object 'nvidia_stack_cache' (offset 11440, size 3)!
In the course of researching this problem, I found this page which seems
to be this problem and a fix to it:
<URL:https://devtalk.nvidia.com/default/topic/1031067/linux/-linux416-nvidia-390-48-nvidia_stack_cache-rip-0010-usercopy_warn-0x7e-0xa0/>
Applying the patch at the end of this discussion and rebuilding the
modules allowed things to work for me again.
Without this, I was unable to get a working system without running in
single-user mode or ssh-ing in remotely. (It mucked with the display
mode settings before crashing.)
Jul 2 18:08:06 maru2 kernel: [ 13.368235] usercopy: Kernel memory exposure attempt detected from SLUB object 'nvidia_stack_cache' (offset 11440, size 3)!
Jul 2 18:08:06 maru2 kernel: [ 13.368241] ------------[ cut here ]------------
Jul 2 18:08:06 maru2 kernel: [ 13.368242] kernel BUG at /build/linux-uwVqDp/linux-4.16.16/mm/usercopy.c:100!
Jul 2 18:08:06 maru2 kernel: [ 13.368246] invalid opcode: 0000 [#1] SMP PTI
Jul 2 18:08:06 maru2 kernel: [ 13.368247] Modules linked in: ipt_REJECT nf_reject_ipv4 xt_multiport iptable_filter snd_hrtimer snd_seq snd_seq_device binfmt_misc snd_hda_codec_hdmi pktcdvd eeepc_wmi asus_wmi iTCO_wdt sparse_keymap iTCO_vendor_support mxm_wmi wmi_bmof rfkill intel_rapl x86_pkg_temp_thermal intel_powerclamp coretemp kvm irqbypass crct10dif_pclmul crc32_pclmul snd_hda_codec_realtek snd_hda_codec_generic ghash_clmulni_intel intel_cstate intel_uncore intel_rapl_perf evdev snd_hda_intel serio_raw pcspkr snd_hda_codec snd_hda_core snd_hwdep snd_pcm snd_timer snd mei_me sg lpc_ich mei soundcore shpchp wmi video button nvidia_drm(PO) drm_kms_helper drm nvidia_modeset(PO) nvidia(PO) ipmi_devintf ipmi_msghandler parport_pc sunrpc ppdev lp parport ip_tables x_tables autofs4 btrfs zstd_decompress zstd_compress xxhash raid10
Jul 2 18:08:06 maru2 kernel: [ 13.368286] raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c crc32c_generic raid1 raid0 multipath linear md_mod sr_mod cdrom hid_generic sd_mod usbhid hid crc32c_intel aesni_intel aes_x86_64 crypto_simd cryptd glue_helper ahci libahci i2c_i801 xhci_pci ehci_pci libata xhci_hcd ehci_hcd scsi_mod e1000e usbcore usb_common fan thermal
Jul 2 18:08:06 maru2 kernel: [ 13.368312] CPU: 2 PID: 956 Comm: Xorg Tainted: P O 4.16.0-2-amd64 #1 Debian 4.16.16-2
Jul 2 18:08:06 maru2 kernel: [ 13.368313] Hardware name: ASUS All Series/Z87-PLUS, BIOS 1007 05/17/2013
Jul 2 18:08:06 maru2 kernel: [ 13.368317] RIP: 0010:usercopy_abort+0x69/0x80
Jul 2 18:08:06 maru2 kernel: [ 13.368318] RSP: 0018:ffffad36c9977b50 EFLAGS: 00010282
Jul 2 18:08:06 maru2 kernel: [ 13.368319] RAX: 000000000000006f RBX: 0000000000000003 RCX: 0000000000000000
Jul 2 18:08:06 maru2 kernel: [ 13.368320] RDX: 0000000000000000 RSI: ffff9593ded16738 RDI: ffff9593ded16738
Jul 2 18:08:06 maru2 kernel: [ 13.368321] RBP: 0000000000000003 R08: 00000000000003d6 R09: 0000000000000007
Jul 2 18:08:06 maru2 kernel: [ 13.368322] R10: ffffffffab077e48 R11: ffffffffab7a8dcd R12: 0000000000000001
Jul 2 18:08:06 maru2 kernel: [ 13.368323] R13: ffff95939953acb3 R14: 0000000000000000 R15: ffff95939953acf8
Jul 2 18:08:06 maru2 kernel: [ 13.368324] FS: 00007f49665b96c0(0000) GS:ffff9593ded00000(0000) knlGS:0000000000000000
Jul 2 18:08:06 maru2 kernel: [ 13.368325] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Jul 2 18:08:06 maru2 kernel: [ 13.368326] CR2: 00007f49602f2c20 CR3: 00000007dbdce003 CR4: 00000000001606e0
Jul 2 18:08:06 maru2 kernel: [ 13.368327] Call Trace:
Jul 2 18:08:06 maru2 kernel: [ 13.368332] __check_heap_object+0xe7/0x120
Jul 2 18:08:06 maru2 kernel: [ 13.368334] __check_object_size+0x9c/0x1a0
Jul 2 18:08:06 maru2 kernel: [ 13.368445] os_memcpy_to_user+0x21/0x40 [nvidia]
Jul 2 18:08:06 maru2 kernel: [ 13.368567] _nv009384rm+0xbf/0xe0 [nvidia]
Jul 2 18:08:06 maru2 kernel: [ 13.368671] ? _nv028088rm+0x79/0x90 [nvidia]
Jul 2 18:08:06 maru2 kernel: [ 13.368772] ? _nv028088rm+0x55/0x90 [nvidia]
Jul 2 18:08:06 maru2 kernel: [ 13.368867] ? _nv013695rm+0xee/0x100 [nvidia]
Jul 2 18:08:06 maru2 kernel: [ 13.368960] ? _nv015343rm+0x154/0x270 [nvidia]
Jul 2 18:08:06 maru2 kernel: [ 13.369077] ? _nv008317rm+0x134/0x1a0 [nvidia]
Jul 2 18:08:06 maru2 kernel: [ 13.369192] ? _nv008296rm+0x29c/0x2b0 [nvidia]
Jul 2 18:08:06 maru2 kernel: [ 13.369305] ? _nv001072rm+0xe/0x20 [nvidia]
Jul 2 18:08:06 maru2 kernel: [ 13.369419] ? _nv007324rm+0xd8/0x100 [nvidia]
Jul 2 18:08:06 maru2 kernel: [ 13.369530] ? _nv001171rm+0x627/0x830 [nvidia]
Jul 2 18:08:06 maru2 kernel: [ 13.369642] ? rm_ioctl+0x73/0x100 [nvidia]
Jul 2 18:08:06 maru2 kernel: [ 13.369699] ? nvidia_ioctl+0xb0/0x730 [nvidia]
Jul 2 18:08:06 maru2 kernel: [ 13.369756] ? nvidia_ioctl+0x57c/0x730 [nvidia]
Jul 2 18:08:06 maru2 kernel: [ 13.369759] ? kmem_cache_free+0x19c/0x1d0
Jul 2 18:08:06 maru2 kernel: [ 13.369814] ? nvidia_frontend_unlocked_ioctl+0x3e/0x50 [nvidia]
Jul 2 18:08:06 maru2 kernel: [ 13.369816] ? do_vfs_ioctl+0xa4/0x630
Jul 2 18:08:06 maru2 kernel: [ 13.369818] ? __fput+0x164/0x1e0
Jul 2 18:08:06 maru2 kernel: [ 13.369819] ? SyS_ioctl+0x74/0x80
Jul 2 18:08:06 maru2 kernel: [ 13.369822] ? do_syscall_64+0x6c/0x130
Jul 2 18:08:06 maru2 kernel: [ 13.369824] ? entry_SYSCALL_64_after_hwframe+0x3d/0xa2
Jul 2 18:08:06 maru2 kernel: [ 13.369825] Code: 0f 44 d0 53 48 c7 c0 41 de 03 ab 51 48 c7 c6 dd d3 02 ab 41 53 48 89 f9 48 0f 45 f0 4c 89 d2 48 c7 c7 28 df 03 ab e8 f1 2e ea ff <0f> 0b 49 c7 c1 ac de 04 ab 4d 89 cb 4d 89 c8 eb a5 66 0f 1f 44
Jul 2 18:08:06 maru2 kernel: [ 13.369843] RIP: usercopy_abort+0x69/0x80 RSP: ffffad36c9977b50
Jul 2 18:08:06 maru2 kernel: [ 13.369845] ---[ end trace eb42127c9c2a2699 ]---
Jul 2 18:08:06 maru2 kernel: [ 13.370387] general protection fault: 0000 [#2] SMP PTI
Jul 2 18:08:06 maru2 kernel: [ 13.370388] Modules linked in: ipt_REJECT nf_reject_ipv4 xt_multiport iptable_filter snd_hrtimer snd_seq snd_seq_device binfmt_misc snd_hda_codec_hdmi pktcdvd eeepc_wmi asus_wmi iTCO_wdt sparse_keymap iTCO_vendor_support mxm_wmi wmi_bmof rfkill intel_rapl x86_pkg_temp_thermal intel_powerclamp coretemp kvm irqbypass crct10dif_pclmul crc32_pclmul snd_hda_codec_realtek snd_hda_codec_generic ghash_clmulni_intel intel_cstate intel_uncore intel_rapl_perf evdev snd_hda_intel serio_raw pcspkr snd_hda_codec snd_hda_core snd_hwdep snd_pcm snd_timer snd mei_me sg lpc_ich mei soundcore shpchp wmi video button nvidia_drm(PO) drm_kms_helper drm nvidia_modeset(PO) nvidia(PO) ipmi_devintf ipmi_msghandler parport_pc sunrpc ppdev lp parport ip_tables x_tables autofs4 btrfs zstd_decompress zstd_compress xxhash raid10
Jul 2 18:08:06 maru2 kernel: [ 13.370415] raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c crc32c_generic raid1 raid0 multipath linear md_mod sr_mod cdrom hid_generic sd_mod usbhid hid crc32c_intel aesni_intel aes_x86_64 crypto_simd cryptd glue_helper ahci libahci i2c_i801 xhci_pci ehci_pci libata xhci_hcd ehci_hcd scsi_mod e1000e usbcore usb_common fan thermal
Jul 2 18:08:06 maru2 kernel: [ 13.370431] CPU: 2 PID: 956 Comm: Xorg Tainted: P D O 4.16.0-2-amd64 #1 Debian 4.16.16-2
Jul 2 18:08:06 maru2 kernel: [ 13.370432] Hardware name: ASUS All Series/Z87-PLUS, BIOS 1007 05/17/2013
Jul 2 18:08:06 maru2 kernel: [ 13.370547] RIP: 0010:_nv007222rm+0x25/0x90 [nvidia]
Jul 2 18:08:06 maru2 kernel: [ 13.370548] RSP: 0018:ffffad36c9977d20 EFLAGS: 00010006
Jul 2 18:08:06 maru2 kernel: [ 13.370549] RAX: 48e28944ffffff36 RBX: ffffffffc15522b8 RCX: ffffad36c9977db0
Jul 2 18:08:06 maru2 kernel: [ 13.370550] RDX: ffffffffc08f4515 RSI: 00000000000003bc RDI: ffffffffc15522b8
Jul 2 18:08:06 maru2 kernel: [ 13.370551] RBP: ffff959387242ff8 R08: 0000000000000000 R09: ffffad36c9977dac
Jul 2 18:08:06 maru2 kernel: [ 13.370552] R10: 0000000000000000 R11: 0000000000000000 R12: 00000000000003bc
Jul 2 18:08:06 maru2 kernel: [ 13.370553] R13: ffff959390b19400 R14: ffff959399471000 R15: ffff9593b3cd6000
Jul 2 18:08:06 maru2 kernel: [ 13.370554] FS: 0000000000000000(0000) GS:ffff9593ded00000(0000) knlGS:0000000000000000
Jul 2 18:08:06 maru2 kernel: [ 13.370555] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Jul 2 18:08:06 maru2 kernel: [ 13.370556] CR2: 00007f49602f2c20 CR3: 000000009d40a002 CR4: 00000000001606e0
Jul 2 18:08:06 maru2 kernel: [ 13.370556] Call Trace:
Jul 2 18:08:06 maru2 kernel: [ 13.370671] ? _nv025915rm+0x13/0x50 [nvidia]
Jul 2 18:08:06 maru2 kernel: [ 13.370792] ? _nv035646rm+0x144/0x1e0 [nvidia]
Jul 2 18:08:06 maru2 kernel: [ 13.370905] ? rm_free_unused_clients+0x4f/0xe0 [nvidia]
Jul 2 18:08:06 maru2 kernel: [ 13.370960] ? nv_check_pci_config_space+0x285/0x320 [nvidia]
Jul 2 18:08:06 maru2 kernel: [ 13.371015] ? nvidia_close+0xba/0x350 [nvidia]
Jul 2 18:08:06 maru2 kernel: [ 13.371069] ? nvidia_frontend_close+0x2a/0x40 [nvidia]
Jul 2 18:08:06 maru2 kernel: [ 13.371071] ? __fput+0xd0/0x1e0
Jul 2 18:08:06 maru2 kernel: [ 13.371073] ? task_work_run+0x8a/0xb0
Jul 2 18:08:06 maru2 kernel: [ 13.371075] ? do_exit+0x2e1/0xb40
Jul 2 18:08:06 maru2 kernel: [ 13.371078] ? SyS_ioctl+0x74/0x80
Jul 2 18:08:06 maru2 kernel: [ 13.371080] ? rewind_stack_do_exit+0x17/0x20
Jul 2 18:08:06 maru2 kernel: [ 13.371081] Code: 84 00 00 00 00 00 31 c9 48 85 ff 53 48 89 fb 74 0d 48 85 d2 74 08 48 63 47 08 48 8d 0c 10 48 8b 03 31 d2 0f 1f 00 48 85 c0 74 11 <48> 39 30 48 89 c2 76 47 48 8b 40 10 48 85 c0 75 ef 48 85 d2 48
Jul 2 18:08:06 maru2 kernel: [ 13.371214] RIP: _nv007222rm+0x25/0x90 [nvidia] RSP: ffffad36c9977d20
Jul 2 18:08:06 maru2 kernel: [ 13.371215] ---[ end trace eb42127c9c2a269a ]---
-- Package-specific info:
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-nvidia-devel/attachments/20180702/6b237453/attachment-0001.ksh>
-------------- next part --------------
*** Reporter, please consider answering these questions, where appropriate ***
* What led up to the situation?
* What exactly did you do (or not do) that was effective (or
ineffective)?
* What was the outcome of this action?
* What outcome did you expect instead?
*** End of the template - remove these template lines ***
-- System Information:
Debian Release: buster/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.16.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages nvidia-kernel-source depends on:
ii debhelper 11.3.5
ii make 4.2.1-1
ii quilt 0.65-1
ii xz-utils 5.2.2-1.3
Versions of packages nvidia-kernel-source recommends:
ii kernel-package 13.018+nmu1
ii module-assistant 0.11.10
ii nvidia-kernel-support 390.67-1
Versions of packages nvidia-kernel-source suggests:
ii nvidia-driver 390.67-1
Versions of packages nvidia-driver depends on:
ii nvidia-alternative 390.67-1
ii nvidia-driver-bin 390.67-1
ii nvidia-driver-libs 390.67-1
ii nvidia-installer-cleanup 20151021+8
ii nvidia-kernel-dkms [nvidia-kernel-390.67] 390.67-1
ii nvidia-legacy-check 390.67-1
ii nvidia-support 20151021+8
ii nvidia-vdpau-driver 390.67-1
ii xserver-xorg-video-nvidia 390.67-1
Versions of packages nvidia-driver recommends:
ii nvidia-persistenced 390.25-1
ii nvidia-settings 390.48-2
nvidia-driver suggests no packages.
Versions of packages nvidia-driver-libs:amd64 depends on:
ii libgl1-nvidia-glvnd-glx 390.67-1
ii nvidia-egl-icd 390.67-1
Versions of packages nvidia-driver-libs:amd64 recommends:
ii libgles-nvidia2 390.67-1
ii libglx-nvidia0 390.67-1
ii libnvidia-cfg1 390.67-1
ii libopengl0 1.0.0+git20180308-3
ii nvidia-driver-libs-i386 390.67-1
ii nvidia-egl-wayland-icd 390.67-1
pn nvidia-vulkan-icd <none>
Versions of packages nvidia-driver-libs:i386 depends on:
ii libgl1-nvidia-glvnd-glx 390.67-1
ii nvidia-egl-icd 390.67-1
Versions of packages nvidia-driver-libs:i386 recommends:
ii libgles-nvidia2 390.67-1
ii libglx-nvidia0 390.67-1
ii libnvidia-cfg1 390.67-1
ii libopengl0 1.0.0+git20180308-3
ii nvidia-egl-wayland-icd 390.67-1
pn nvidia-vulkan-icd <none>
Versions of packages xserver-xorg-video-nvidia depends on:
ii libc6 2.27-3
ii libnvidia-glcore 390.67-1
ii nvidia-alternative 390.67-1
ii nvidia-installer-cleanup 20151021+8
ii nvidia-legacy-check 390.67-1
ii nvidia-support 20151021+8
ii xserver-xorg-core [xorg-video-abi-24] 2:1.20.0-3
Versions of packages xserver-xorg-video-nvidia recommends:
ii nvidia-driver 390.67-1
ii nvidia-kernel-dkms [nvidia-kernel-390.67] 390.67-1
ii nvidia-settings 390.48-2
ii nvidia-vdpau-driver 390.67-1
xserver-xorg-video-nvidia suggests no packages.
Versions of packages nvidia-alternative depends on:
ii dpkg 1.19.0.5+b1
ii glx-alternative-nvidia 0.8.3
ii nvidia-legacy-check 390.67-1
Versions of packages nvidia-kernel-dkms depends on:
ii dkms 2.3-3
ii nvidia-installer-cleanup 20151021+8
ii nvidia-kernel-support [nvidia-kernel-support--v1] 390.67-1
Versions of packages nvidia-kernel-dkms recommends:
ii nvidia-driver 390.67-1
Versions of packages glx-alternative-nvidia depends on:
ii dpkg 1.19.0.5+b1
ii glx-alternative-mesa 0.8.3
ii glx-diversions 0.8.3
ii update-glx 0.8.3
Versions of packages glx-alternative-nvidia suggests:
ii nvidia-driver 390.67-1
Versions of packages xserver-xorg-video-intel depends on:
ii libc6 2.27-3
ii libdrm-intel1 2.4.92-1
ii libdrm2 2.4.92-1
ii libpciaccess0 0.14-1
ii libpixman-1-0 0.34.0-2
ii libudev1 239-3
ii libx11-6 2:1.6.5-1
ii libx11-xcb1 2:1.6.5-1
ii libxcb-dri2-0 1.13-1
ii libxcb-dri3-0 1.13-1
ii libxcb-sync1 1.13-1
ii libxcb-util0 0.3.8-3+b2
ii libxcb1 1.13-1
ii libxcursor1 1:1.1.15-1
ii libxdamage1 1:1.1.4-3
ii libxext6 2:1.3.3-1+b2
ii libxfixes3 1:5.0.3-1
ii libxinerama1 2:1.1.3-1+b3
ii libxrandr2 2:1.5.1-1
ii libxrender1 1:0.9.10-1
ii libxshmfence1 1.3-1
ii libxss1 1:1.2.2-1+b2
ii libxtst6 2:1.2.3-1
ii libxv1 2:1.0.11-1
ii libxvmc1 2:1.0.10-1
ii xserver-xorg-core [xorg-video-abi-24] 2:1.20.0-3
Versions of packages nvidia-kernel-source is related to:
pn bumblebee <none>
pn bumblebee-nvidia <none>
pn ccache <none>
pn libcuda1 <none>
pn libcuda1-any <none>
pn libdrm-nouveau1 <none>
pn libdrm-nouveau1a <none>
ii libdrm-nouveau2 2.4.92-1
ii libegl1 1.0.0+git20180308-3
ii libgl1 1.0.0+git20180308-3
ii libgl1-nvidia-glvnd-glx [libgl1-nvidia-glx-any] 390.67-1
pn libgles1 <none>
ii libgles2 1.0.0+git20180308-3
ii libglvnd0 1.0.0+git20180308-3
ii libglx0 1.0.0+git20180308-3
pn libopencl0 <none>
ii libvulkan1 1.1.73+dfsg-1
pn linux-headers <none>
ii make 4.2.1-1
ii nvidia-driver [nvidia-glx-any] 390.67-1
pn nvidia-glx <none>
ii nvidia-kernel-common 20151021+8
ii nvidia-kernel-dkms 390.67-1
ii nvidia-kernel-source 390.67-1
ii nvidia-kernel-support [nvidia-kernel-support-any] 390.67-1
ii nvidia-modprobe 390.25-1
ii nvidia-settings 390.48-2
ii nvidia-support 20151021+8
ii nvidia-xconfig 390.25-1
ii ocl-icd-libopencl1 [libopencl1] 2.2.12-1
pn opencl-icd <none>
pn vulkan-icd <none>
ii xserver-xorg 1:7.7+19
ii xserver-xorg-core 2:1.20.0-3
ii xserver-xorg-legacy 2:1.20.0-3
ii xserver-xorg-video-nouveau 1:1.0.15-3
ii xserver-xorg-video-nvidia [xserver-xorg-video-nvidia-a 390.67-1
-- debconf information:
nvidia-driver/supported-in-legacy-driver-name:
nvidia-driver/supported-in-legacy-driver-name:
nvidia-driver/check-for-unsupported-gpu: true
nvidia-driver/check-for-unsupported-gpu: true
nvidia-driver/install-even-if-unsupported-gpu-exists: false
nvidia-driver/install-even-if-unsupported-gpu-exists: false
--
Michael Welsh Duggan
(md5i at md5i.com)
More information about the pkg-nvidia-devel
mailing list