djpohly / piuio

Custom PIUIO module for Linux
GNU General Public License v2.0

Null pointer dereference when installing kernel module #19

Open jefflloyd opened 3 years ago

jefflloyd commented 3 years ago

I'm trying to install PIUIO on a fresh Ubuntu 20.04.2 image.

root@sm5:~/piuio/mod# make
make -C /lib/modules/5.8.0-53-generic/build M=/root/piuio/mod modules
make[1]: Entering directory '/usr/src/linux-headers-5.8.0-53-generic'
make[1]: Leaving directory '/usr/src/linux-headers-5.8.0-53-generic'
root@sm5:~/piuio/mod# make install
make -C /lib/modules/5.8.0-53-generic/build M=/root/piuio/mod modules_install
make[1]: Entering directory '/usr/src/linux-headers-5.8.0-53-generic'
  INSTALL /root/piuio/mod/piuio.ko
At main.c:160:
- SSL error:02001002:system library:fopen:No such file or directory: ../crypto/bio/bss_file.c:69
- SSL error:2006D080:BIO routines:BIO_new_file:no such file: ../crypto/bio/bss_file.c:76
sign-file: certs/signing_key.pem: No such file or directory
  DEPMOD  5.8.0-53-generic
Warning: modules_install: missing 'System.map' file. Skipping depmod.
make[1]: Leaving directory '/usr/src/linux-headers-5.8.0-53-generic'

The depmod was skipped, so I ran it, and immediately afterwards tried modprobe piuio, which gives me the line Killed. Inspecting the output of dmesg, I get this:

[    1.728998] piuio: loading out-of-tree module taints kernel.
[    1.729022] piuio: module verification failed: signature and/or required key missing - tainting kernel
[    1.729235] BUG: kernel NULL pointer dereference, address: 0000000000000000
[    1.729238] #PF: supervisor read access in kernel mode
[    1.729239] #PF: error_code(0x0000) - not-present page
[    1.729241] PGD 0 P4D 0
[    1.729244] Oops: 0000 [#1] SMP PTI
[    1.729247] CPU: 1 PID: 315 Comm: systemd-udevd Tainted: G          IOE     5.8.0-53-generic #60~20.04.1-Ubuntu
[    1.729248] Hardware name: BIOSTAR Group H81MLV3/H81MLV3, BIOS 4.6.5 05/21/2014
[    1.729252] RIP: 0010:piuio_probe+0x3bc/0x4c7 [piuio]
[    1.729253] Code: 00 00 49 8b 84 24 b0 00 00 00 48 8b 44 18 58 48 8b 80 b8 02 00 00 4c 8b 70 18 49 8b 06 48 85 c0 0f 84 d8 00 00 00 4c 8b 40 18 <49> 8b 30 48 85 f6 75 16 e9 b6 00 00 00 49 8b 70 08 49 83 c0 08 48
[    1.729255] RSP: 0018:ffffb33600717a40 EFLAGS: 00010282
[    1.729256] RAX: ffffffff82d531e0 RBX: 0000000000000000 RCX: 0000000000000000
[    1.729257] RDX: ffff9fb0946a2f00 RSI: 0000000000000000 RDI: ffff9fb08f8f8a00
[    1.729258] RBP: ffffb33600717a88 R08: 0000000000000000 R09: ffff9fb093df0d10
[    1.729259] R10: ffff9fb10bde0fff R11: 0000000000000000 R12: ffff9fb08e04b780
[    1.729260] R13: ffff9fb093b21800 R14: ffffffff833f2ae8 R15: 0000000000000000
[    1.729262] FS:  00007f139890d880(0000) GS:ffff9fb096c80000(0000) knlGS:0000000000000000
[    1.729263] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    1.729264] CR2: 0000000000000000 CR3: 0000000214602003 CR4: 00000000001606e0
[    1.729265] Call Trace:
[    1.729272]  usb_probe_interface+0xed/0x290
[    1.729275]  really_probe+0x2b0/0x3d0
[    1.729277]  driver_probe_device+0xe9/0x160
[    1.729279]  device_driver_attach+0x5d/0x70
[    1.729281]  __driver_attach+0x8f/0x150
[    1.729283]  ? device_driver_attach+0x70/0x70
[    1.729284]  bus_for_each_dev+0x7e/0xc0
[    1.729286]  driver_attach+0x1e/0x20
[    1.729288]  bus_add_driver+0x152/0x1f0
[    1.729290]  driver_register+0x74/0xd0
[    1.729292]  usb_register_driver+0x89/0x130
[    1.729294]  ? 0xffffffffc0442000
[    1.729297]  piuio_driver_init+0x23/0x1000 [piuio]
[    1.729301]  do_one_initcall+0x4a/0x200
[    1.729304]  ? _cond_resched+0x19/0x30
[    1.729307]  ? kmem_cache_alloc_trace+0x177/0x240
[    1.729310]  do_init_module+0x62/0x250
[    1.729312]  load_module+0x10f5/0x12a0
[    1.729315]  ? ima_post_read_file+0x108/0x120
[    1.729319]  __do_sys_finit_module+0xc9/0x130
[    1.729320]  ? __do_sys_finit_module+0xc9/0x130
[    1.729323]  __x64_sys_finit_module+0x1a/0x20
[    1.729326]  do_syscall_64+0x49/0xc0
[    1.729329]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[    1.729330] RIP: 0033:0x7f1398e8f89d
[    1.729333] Code: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d c3 f5 0c 00 f7 d8 64 89 01 48
[    1.729334] RSP: 002b:00007ffe79779ea8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
[    1.729335] RAX: ffffffffffffffda RBX: 000055c417d774a0 RCX: 00007f1398e8f89d
[    1.729336] RDX: 0000000000000000 RSI: 00007f1398d6cded RDI: 0000000000000006
[    1.729337] RBP: 0000000000020000 R08: 0000000000000000 R09: 0000000000000000
[    1.729338] R10: 0000000000000006 R11: 0000000000000246 R12: 00007f1398d6cded
[    1.729340] R13: 0000000000000000 R14: 000055c417b33590 R15: 000055c417d774a0
[    1.729341] Modules linked in: piuio(OE+) sch_fq_codel parport_pc ppdev lp parport drm ip_tables x_tables autofs4 i2c_i801 i2c_smbus lpc_ich r8169 crc32_pclmul ahci libahci realtek xhci_pci xhci_pci_renesas video
[    1.729349] CR2: 0000000000000000
[    1.729351] ---[ end trace 8bec1d27bd3c68c6 ]---
[    1.729354] RIP: 0010:piuio_probe+0x3bc/0x4c7 [piuio]
[    1.729355] Code: 00 00 49 8b 84 24 b0 00 00 00 48 8b 44 18 58 48 8b 80 b8 02 00 00 4c 8b 70 18 49 8b 06 48 85 c0 0f 84 d8 00 00 00 4c 8b 40 18 <49> 8b 30 48 85 f6 75 16 e9 b6 00 00 00 49 8b 70 08 49 83 c0 08 48
[    1.729356] RSP: 0018:ffffb33600717a40 EFLAGS: 00010282
[    1.729358] RAX: ffffffff82d531e0 RBX: 0000000000000000 RCX: 0000000000000000
[    1.729359] RDX: ffff9fb0946a2f00 RSI: 0000000000000000 RDI: ffff9fb08f8f8a00
[    1.729360] RBP: ffffb33600717a88 R08: 0000000000000000 R09: ffff9fb093df0d10
[    1.729361] R10: ffff9fb10bde0fff R11: 0000000000000000 R12: ffff9fb08e04b780
[    1.729362] R13: ffff9fb093b21800 R14: ffffffff833f2ae8 R15: 0000000000000000
[    1.729364] FS:  00007f139890d880(0000) GS:ffff9fb096c80000(0000) knlGS:0000000000000000
[    1.729365] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    1.729366] CR2: 0000000000000000 CR3: 0000000214602003 CR4: 00000000001606e0

The same issue happens on either the master branch or legacy branch. If I try to do almost anything on boot (such as hit enter on a keyboard), Linux freezes immediately. SSHing into the box and removing the piuio.ko file returns me back to normal. Any insight you could provide on how to overcome this would be very much appreciated! Thank you for your time.
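The first thing a triager wants from an oops like the one above is a handful of facts pulled out of the noise: which function faulted and in which module, whether the faulting address lies in the NULL page, which taint flags were set (here O and E, matching the two "out-of-tree" and "signature missing" lines printed just before the crash), which process triggered the load, and through which in-tree path the driver was entered. The script below is an added example, not code from this issue or from the piuio project; it parses a subset of the dmesg lines quoted above (the register and Code: dumps are left out) and produces that summary.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Input for the example: a subset of the dmesg lines quoted in the report above,
# embedded here so the script runs offline.
SAMPLE_DMESG = """\
[    1.728998] piuio: loading out-of-tree module taints kernel.
[    1.729022] piuio: module verification failed: signature and/or required key missing - tainting kernel
[    1.729235] BUG: kernel NULL pointer dereference, address: 0000000000000000
[    1.729238] #PF: supervisor read access in kernel mode
[    1.729244] Oops: 0000 [#1] SMP PTI
[    1.729247] CPU: 1 PID: 315 Comm: systemd-udevd Tainted: G          IOE     5.8.0-53-generic #60~20.04.1-Ubuntu
[    1.729252] RIP: 0010:piuio_probe+0x3bc/0x4c7 [piuio]
[    1.729253] Code: 00 00 49 8b 84 24 b0 00 00 00 48 8b 44 18 58 ...
[    1.729265] Call Trace:
[    1.729272]  usb_probe_interface+0xed/0x290
[    1.729275]  really_probe+0x2b0/0x3d0
[    1.729277]  driver_probe_device+0xe9/0x160
[    1.729283]  ? device_driver_attach+0x70/0x70
[    1.729297]  piuio_driver_init+0x23/0x1000 [piuio]
[    1.729301]  do_one_initcall+0x4a/0x200
[    1.729319]  __do_sys_finit_module+0xc9/0x130
[    1.729351] ---[ end trace 8bec1d27bd3c68c6 ]---
"""

# Meaning of the taint letters on the kernel's "Tainted:" line
# (Documentation/admin-guide/tainted-kernels.rst); only the common ones are listed.
TAINT_FLAGS = {
    "G": "all loaded modules have a GPL-compatible licence",
    "P": "proprietary module loaded",
    "F": "module was force-loaded",
    "D": "kernel died recently (earlier oops or BUG)",
    "W": "kernel issued a warning",
    "I": "platform firmware bug workaround active",
    "O": "out-of-tree module loaded",
    "E": "unsigned module loaded",
}

LINE_RE = re.compile(r"^\[\s*([\d.]+)\]\s?(.*)$")
BUG_RE = re.compile(r"BUG: kernel NULL pointer dereference, address: ([0-9a-f]+)")
RIP_RE = re.compile(r"RIP: 0010:(\w+)\+0x([0-9a-f]+)/0x([0-9a-f]+)(?: \[(\w+)\])?")
TAINT_RE = re.compile(r"PID: (\d+) Comm: (\S+) Tainted: ([A-Z ]+?)\s+(\d\S*)")
# A call-trace frame; a leading "? " marks an address the unwinder is not sure about.
FRAME_RE = re.compile(r"^(\?\s*)?(\w+)\+0x[0-9a-f]+/0x[0-9a-f]+(?: \[(\w+)\])?$")


@dataclass
class OopsReport:
    fault_address: Optional[int] = None
    rip_symbol: Optional[str] = None
    rip_offset: int = 0
    rip_module: Optional[str] = None
    pid: Optional[int] = None
    comm: Optional[str] = None
    taint: List[str] = field(default_factory=list)
    kernel: Optional[str] = None
    # (symbol, module or None for in-tree code, True if not a "?" frame), innermost first
    trace: List[Tuple[str, Optional[str], bool]] = field(default_factory=list)


def parse_oops(text: str) -> OopsReport:
    """Extract the triage-relevant fields from a dmesg oops dump."""
    rep = OopsReport()
    in_trace = False
    for raw in text.splitlines():
        m = LINE_RE.match(raw)
        if not m:
            continue
        body = m.group(2).strip()
        if in_trace:
            f = FRAME_RE.match(body)
            if f:
                rep.trace.append((f.group(2), f.group(3), f.group(1) is None))
                continue
            in_trace = False  # first non-frame line ends the call trace
        if body == "Call Trace:":
            in_trace = True
        elif (b := BUG_RE.search(body)):
            rep.fault_address = int(b.group(1), 16)
        elif (r := RIP_RE.search(body)) and rep.rip_symbol is None:
            # keep the first RIP line; the kernel repeats it after "end trace"
            rep.rip_symbol, rep.rip_offset, rep.rip_module = r.group(1), int(r.group(2), 16), r.group(4)
        elif (t := TAINT_RE.search(body)):
            rep.pid, rep.comm = int(t.group(1)), t.group(2)
            rep.taint = sorted(set(t.group(3)) - {" "})
            rep.kernel = t.group(4)
    return rep


def summarize(rep: OopsReport) -> dict:
    """Answer the questions a triager asks first about a NULL-pointer oops."""
    null_page = rep.fault_address is not None and rep.fault_address < 4096
    # Nearest reliable frame outside the crashing module: the kernel path that
    # called into the driver (here the USB probe path during module load).
    caller = next((sym for sym, mod, certain in rep.trace
                   if certain and mod != rep.rip_module), None)
    return {
        "fault_in_null_page": null_page,
        "faulting_function": rep.rip_symbol,
        "faulting_module": rep.rip_module,
        "out_of_tree": "O" in rep.taint,
        "unsigned_module": "E" in rep.taint,
        "triggering_process": f"{rep.comm}({rep.pid})",
        "entered_via": caller,
        "taint": [f"{f}: {TAINT_FLAGS.get(f, 'unknown flag')}" for f in rep.taint],
    }


if __name__ == "__main__":
    for key, value in summarize(parse_oops(SAMPLE_DMESG)).items():
        print(f"{key}: {value}")
```

The summary confirms what the report says in prose: the fault is a read from address 0 inside piuio_probe, reached from usb_probe_interface while systemd-udevd loads the module, on a kernel tainted by an out-of-tree, unsigned module. To turn `piuio_probe+0x3bc` into a source line, build the module with debug info and point the kernel tree's `scripts/faddr2line` (or `addr2line`) at the resulting piuio.ko.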

DinsFire64 commented 2 years ago

I happened to come to the repo to check some other code and noticed this issue.

I had the same issue and filed a PR at the end of 2020. Pull that patch and it'll fix that issue.