[UBUNTU 21.04] Opencryptoki 3.15: token_specific_sha_update() causes segmentation fault in main_arena () from /usr/lib64/libc.so.6 (opencryptoki)
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
Ubuntu on IBM z Systems | Fix Released | High | Skipper Bug Screeners |
opencryptoki (Ubuntu) | Fix Released | Undecided | Skipper Bug Screeners |
Bug Description
Summary
=======
IBM z15 LPAR
found on non-Ubuntu distro with opencryptoki-3.15.1
Segmentation fault of the sess_opstate test on the Soft Token
The problem is immediately reproducible
Details
=======
The sess_opstate test was receiving a segmentation fault signal when running
on the OpenCryptoki SoftToken.
./Bopencryptoki-tb: line 391: 222135 Segmentation fault (core dumped) ./sess_opstate -slot $slot_nr
sess_opstate succeeds against the ICA token, CCA token, and EP11 token.
The elapsed time shown is about 50 years of run time, which is way too high, though.
# time ./sess_opstate1 -slot 3
Using slot #3...
With option: no_init: 0
Running 100 loops...
* TESTCASE sess_opstate_funcs PASS (elapsed time 1612872946s 711722us) Get/SetOperatio
real 0m0.895s
user 0m0.015s
sys 0m0.032s
Debug info
==========
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x000003ff9a51e9c0 in main_arena () from /usr/lib64/
(gdb) bt
#0 0x000003ff9a51e9c0 in main_arena () from /usr/lib64/
#1 0x000003ff98270872 in token_specific_
in_
#2 0x000003ff98215f48 in digest_
data=<optimized out>, data_len=5) at usr/lib/
#3 0x000003ff98251716 in SC_DigestUpdate (tokdata=
ulPartLen=5) at usr/lib/
#4 0x000003ff9a607578 in C_DigestUpdate () from /usr/lib64/
#5 0x0000000001004d56 in sess_opstate_funcs ()
#6 0x00000000010057d2 in main ()
Terminal Output
===============
./Bopencryptoki-tb: line 391: 222135 Segmentation fault (core dumped) ./sess_opstate -slot $slot_nr
# file sess_opstate
sess_opstate: ELF 64-bit MSB executable, IBM S/390, version 1 (SYSV), dynamically linked, interpreter /lib/ld64.so.1, for GNU/Linux 3.2.0, BuildID[
# coredumpctl list
TIME PID UID GID SIG COREFILE EXE
Thu 2021-02-04 19:05:29 CET 222135 0 0 11 missing /root/crypto/
# coredumpctl dump 222135 > coredump_
PID: 222135 (sess_opstate)
UID: 0 (root)
GID: 0 (root)
Signal: 11 (SEGV)
Timestamp: Thu 2021-02-04 19:05:28 CET (4 days ago)
Command Line: ./sess_opstate -slot 2
Executable: /root/crypto/
Control Group: /user.slice/
Unit: session-5.scope
Slice: user-0.slice
Session: 5
Owner UID: 0 (root)
Boot ID: 13342569937c43b
Machine ID: fc8625d57591406
Hostname: t83lp22.lnxne.boe
Storage: /var/lib/
Message: Process 222135 (sess_opstate) of user 0 dumped core.
#0 0x0000000000000002 n/a (n/a)
Syslog from the segmentation fault situation:
Feb 04 19:05:28 system sess_opstate[
Feb 04 19:05:28 system kernel: User process fault: interruption code 0010 ilc:3 in sess_opstate[
Feb 04 19:05:28 system kernel: Failing address: 0000000000000000 TEID: 0000000000000800
Feb 04 19:05:28 system kernel: Fault in primary space mode while using user ASCE.
Feb 04 19:05:28 system kernel: AS:00000000e585c1c7 R3:00000000da39c007 S:0000000000000020
Feb 04 19:05:28 system kernel: CPU: 2 PID: 222135 Comm: sess_opstate Kdump: loaded Not tainted 4.18.0-
Feb 04 19:05:28 system kernel: Hardware name: IBM 8561 T01 701 (LPAR)
Feb 04 19:05:28 system kernel: User PSW : 0705000180000000 0000000000000002
Feb 04 19:05:28 system kernel: R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:1 AS:0 CC:0 PM:0 RI:0 EA:3
Feb 04 19:05:28 system kernel: User GPRS: 0000000000000000 0000000000000002 0000000002922fb0 0000000002922ca0
Feb 04 19:05:28 system kernel: 0000000000000003 0000000000000003 0000000000000003 0000000000000002
Feb 04 19:05:28 system kernel: 00000000029098b0 0000000000000003 0000000002922ca0 0000000002923238
Feb 04 19:05:28 system kernel: 0000000002922ca0 0000000000000063 000003ff991f0872 000003ffc027ee50
Feb 04 19:05:28 system kernel: User Code: Bad PSW.
Feb 04 19:05:28 system kernel: Last Breaking-
Feb 04 19:05:28 system kernel: [<000003ff9ae96
Feb 04 19:05:28 system systemd-
Feb 04 19:05:28 system systemd[1]: Created slice system-
Feb 04 19:05:28 system systemd[1]: Started Process Core Dump (PID 222136/UID 0).
Feb 04 19:05:29 system systemd-
Feb 04 19:05:29 system sess_mgmt_
Feb 04 19:05:29 system systemd-
Feb 04 19:05:29 system systemd[1]: systemd-
---Steps to Reproduce---
1. Unpack the GitHub OpenCryptoki source code package and run
./bootstrap.sh
./configure --enable-testcases
2. cd testcases
3. make
4. cd crypto
5. Set up the opencryptoki Soft token (define in
/etc/
6. export PKCS11_
7. run: ./sess_opstate -slot <N> -securekey; N being the index of the Soft token
8. Watch the Error output of the tests.
Userspace tool common name: opencryptoki
Userspace : opencryptoki-
The userspace tool has the following bit modes: 64-bit
Userspace tool obtained from project website: na
This affects OCK >= 3.15 only.
The fix is now upstream:
https:/
This patch should apply smoothly on top of OCK 3.15.1.
tags: added: architecture-s39064 bugnameltc-191549 severity-high targetmilestone-inin2104
Changed in ubuntu:
assignee: nobody → Skipper Bug Screeners (skipper-screen-team)
affects: ubuntu → opencryptoki (Ubuntu)
Changed in ubuntu-z-systems:
assignee: nobody → Skipper Bug Screeners (skipper-screen-team)
importance: Undecided → High
status: New → Triaged
tags: added: fr-1139
Changed in opencryptoki (Ubuntu):
status: New → Fix Released
Changed in ubuntu-z-systems:
status: Triaged → Fix Released
Could and should be done as part of LP 1906369.