keyutils is broken (keyctl segfaults trivially)
Bug #298208 reported by
Daniel Richard G.
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Expired
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: keyutils
On a Debian Lenny (beta2) system:
# keyctl request2 user debug:hello xyzzy
281487143
On an Ubuntu Intrepid system (keyutils 1.2-7):
# keyctl request2 user debug:hello xyzzy
Segmentation fault
I'm running into problems mounting a CIFS share via cifs.upcall(8), but clearly this needs to be addressed first.
To post a comment you must log in.
This looks like a kernel bug. dmesg output corresponding to the keyctl call:
[172406.924622] BUG: unable to handle kernel NULL pointer dereference at 0000000 44b>] call_sbin_ request_ key+0x2db/ 0x2f0 conservative cpufreq_stats cpufreq_ondemand freq_table cpufreq_powersave sbs sbshc container pci_slot wmi iptable_filter ip_tables x_tables ipv6 parport_pc lp parport loop joydev pcmcia thinkpad_acpi arc4 ecb nvram snd_hda_intel snd_pcm_oss snd_mixer_oss snd_pcm evdev serio_raw pcspkr psmouse rfkill yenta_socket rsrc_nonstatic mac80211 pcmcia_core snd_seq_dummy iTCO_wdt iTCO_vendor_support led_class snd_seq_oss battery cfg80211 video ac nsc_ircc snd_seq_midi output irda snd_rawmidi crc_ccitt snd_seq_midi_event snd_seq snd_timer snd_seq_device snd soundcore snd_page_alloc button shpchp pci_hotplug intel_agp ext3 jbd mbcache sha256_generic aes_x86_64 aes_generic cbc sr_mod cdrom sd_mod crc_t10dif sg ata_piix pata_acpi ata_generic ahci libata scsi_mod ehci_hcd uhci_hcd usbcore e1000e dock dm_crypt crypto_blkcipher dm_mirror dm_log dm_snapshot dm_mod thermal processor fan fbcon tileblit font bitblit softcursor fuse [last unloaded: iwl3945] ffffffff8035f44 b>] [<ffffffff8035f 44b>] call_sbin_ request_ key+0x2db/ 0x2f0 d9fd18 EFLAGS: 00010246 0(0000) GS:ffff88003f00 2880(0000) knlGS:000000000 0000000 116>] ? mutex_lock+ 0x16/0x30 0c9>] ? mutex_unlock+ 0x9/0x20 011>] ? __key_instantia te_and_ lin...
000000004
[172406.924632] IP: [<ffffffff8035f
[172406.924646] PGD 33157067 PUD a946067 PMD 0
[172406.924654] Oops: 0000 [1] SMP
[172406.924659] CPU 1
[172406.924663] Modules linked in: nls_iso8859_1 nls_cp437 vfat fat usb_storage libusual tun nfs lockd nfs_acl sunrpc iwl3945 af_packet i915 drm binfmt_misc rfcomm sco bridge stp bnep l2cap bluetooth ppdev acpi_cpufreq cpufreq_userspace cpufreq_
[172406.924834] Pid: 9408, comm: keyctl Not tainted 2.6.27-8-generic #1
[172406.924839] RIP: 0010:[<
[172406.924848] RSP: 0018:ffff880010
[172406.924852] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[172406.924857] RDX: ffff880010d9fd95 RSI: 00000000fffffffc RDI: 0000000000000001
[172406.924861] RBP: ffff880010d9fe58 R08: 00000000ffffffff R09: 0000000000000001
[172406.924865] R10: ffff880010d9fc38 R11: ffff880090d9fd93 R12: ffff880010d9fd88
[172406.924869] R13: ffff88003d04d900 R14: ffff88001a873350 R15: ffff880021499670
[172406.924875] FS: 00007f3d471d26e
[172406.924880] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[172406.924884] CR2: 0000000000000004 CR3: 0000000010081000 CR4: 00000000000006a0
[172406.924889] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[172406.924893] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[172406.924898] Process keyctl (pid: 9408, threadinfo ffff880010d9e000, task ffff880021499670)
[172406.924902] Stack: ffff880010d9fd68 ffffffff805fbf91 ffff880010d9fd94 ffff88001f5f33c0
[172406.924912] 0000000000000031 ffff88001f5f3900 ffff880010d9fd68 ffffffff80501116
[172406.924920] ffff88001f5f3904 ffffffff805010c9 ffff880010d9fda8 ffffffff8035b011
[172406.924928] Call Trace:
[172406.924936] [<ffffffff80501
[172406.924941] [<ffffffff80501
[172406.924948] [<ffffffff8035b