Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Crash on load Centos8 stream #17

Closed
geekjy opened this issue Apr 29, 2024 · 7 comments
Closed

Crash on load Centos8 stream #17

geekjy opened this issue Apr 29, 2024 · 7 comments
Assignees
@milabs

Comments

@geekjy
Copy link

geekjy commented Apr 29, 2024

捕获
@geekjy
Copy link
Author

geekjy commented Apr 29, 2024

use khook_demo build,insmod crash

@geekjy
Copy link
Author

geekjy commented Apr 29, 2024

[ 96.808062] khook_demo: loading out-of-tree module taints kernel.
[ 96.808097] khook_demo: module verification failed: signature and/or required key missing - tainting kernel
[ 96.817377] BUG: stack guard page was hit at 0000000028c736c5 (stack is 00000000fb187494..00000000005575b1)
[ 96.817378] kernel stack overflow (double-fault): 0000 [#1] SMP NOPTI
[ 96.817379] CPU: 2 PID: 3992 Comm: bash Kdump: loaded Tainted: G OE -------- - - 4.18.0-552.el8.x86_64 #1
[ 96.817379] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020
[ 96.817379] RIP: 0010:khook_load_elf_binary+0x17/0x40 [khook_demo]
[ 96.817380] Code: 8b 44 24 70 48 89 44 24 28 48 8b 44 24 78 48 89 44 24 30 48 8b 84 24 80 00 00 00 48 89 44 24 38 48 b8 10 01 97 c0 ff ff ff ff d0 48 83 c4 40 f0 ff 0d 04 1f 00 00 c3 c1 48 c7 c7 bf 10 97 c0
[ 96.817380] RSP: 0018:ffffad5f441dc000 EFLAGS: 00010286
[ 96.817381] RAX: ffffffffc0970110 RBX: ffffad5f441dfd20 RCX: 0000000000000000
[ 96.817381] RDX: 0000000000000040 RSI: 0000000000000081 RDI: ffff962d47b49660
[ 96.817382] RBP: fefefefefefefeff R08: 0000000000000000 R09: fefefefefefefeff
[ 96.817382] R10: 0000000000000fe0 R11: 0000000000000001 R12: ffff962d50187020
[ 96.817382] R13: 2f2f2f2f2f2f2f2f R14: 0000000000000000 R15: 00000000000007ff
[ 96.817383] FS: 00007f9e29d77740(0000) GS:ffff962d79e80000(0000) knlGS:0000000000000000
[ 96.817383] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 96.817383] CR2: ffffad5f441dbff8 CR3: 00000001178c6000 CR4: 0000000000750ee0
[ 96.817384] PKRU: 55555554
[ 96.817384] Call Trace:
[ 96.817384] <#DF>
[ 96.817384] ? __die_body+0x1a/0x60
[ 96.817385] ? die+0x2a/0x50
[ 96.817385] ? handle_stack_overflow+0x3d/0x45
[ 96.817385] ? do_double_fault.cold.19+0x12/0x1e
[ 96.817386] ? double_fault+0x1e/0x30
[ 96.817386] ? khook_inode_permission+0x40/0x40 [khook_demo]
[ 96.817386] ? khook_load_elf_binary+0x17/0x40 [khook_demo]
[ 96.817386] </#DF>
[ 96.817387] ? khook_load_elf_binary+0x19/0x40 [khook_demo]
[ 96.817387] ? khook_load_elf_binary+0x19/0x40 [khook_demo]
[ 96.817387] khook_load_elf_binary+0x19/0x40 [khook_demo]
[ 96.817388] ? khook_load_elf_binary+0x19/0x40 [khook_demo]
[ 96.817388] ? khook_load_elf_binary+0x19/0x40 [khook_demo]
[ 96.817388] khook_load_elf_binary+0x19/0x40 [khook_demo]
[ 96.817389] ? khook_load_elf_binary+0x19/0x40 [khook_demo]
[ 96.817389] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817389] ? link_path_walk+0x73/0x550
[ 96.817390] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817390] ? link_path_walk+0x73/0x550
[ 96.817390] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817390] ? link_path_walk+0x73/0x550
[ 96.817391] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817391] ? link_path_walk+0x73/0x550
[ 96.817391] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817391] ? link_path_walk+0x73/0x550
[ 96.817392] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817392] ? link_path_walk+0x73/0x550
[ 96.817392] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817393] ? link_path_walk+0x73/0x550
[ 96.817393] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817393] ? link_path_walk+0x73/0x550
[ 96.817393] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817394] ? link_path_walk+0x73/0x550
[ 96.817394] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817394] ? link_path_walk+0x73/0x550
[ 96.817395] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817395] ? link_path_walk+0x73/0x550
[ 96.817395] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817395] ? link_path_walk+0x73/0x550
[ 96.817396] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817396] ? link_path_walk+0x73/0x550
[ 96.817396] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817397] ? link_path_walk+0x73/0x550
[ 96.817397] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817397] ? link_path_walk+0x73/0x550
[ 96.817397] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817398] ? link_path_walk+0x73/0x550
[ 96.817398] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817398] ? link_path_walk+0x73/0x550
[ 96.817398] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817399] ? link_path_walk+0x73/0x550
[ 96.817399] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817399] ? link_path_walk+0x73/0x550
[ 96.817400] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817400] ? link_path_walk+0x73/0x550
[ 96.817400] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817400] ? link_path_walk+0x73/0x550
[ 96.817401] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817401] ? link_path_walk+0x73/0x550
[ 96.817401] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817402] ? link_path_walk+0x73/0x550
[ 96.817402] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817402] ? link_path_walk+0x73/0x550
[ 96.817402] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817403] ? link_path_walk+0x73/0x550
[ 96.817403] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817403] ? link_path_walk+0x73/0x550
[ 96.817403] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817404] ? link_path_walk+0x73/0x550
[ 96.817404] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817404] ? link_path_walk+0x73/0x550
[ 96.817405] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817405] ? link_path_walk+0x73/0x550
[ 96.817405] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817405] ? link_path_walk+0x73/0x550
[ 96.817406] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817406] ? link_path_walk+0x73/0x550
[ 96.817406] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817407] ? link_path_walk+0x73/0x550
[ 96.817407] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817407] ? link_path_walk+0x73/0x550
[ 96.817407] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817408] ? link_path_walk+0x73/0x550
[ 96.817408] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817408] ? link_path_walk+0x73/0x550
[ 96.817408] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817409] ? link_path_walk+0x73/0x550
[ 96.817409] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817409] ? link_path_walk+0x73/0x550
[ 96.817410] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817410] ? link_path_walk+0x73/0x550
[ 96.817410] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817410] ? link_path_walk+0x73/0x550
[ 96.817411] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817411] ? link_path_walk+0x73/0x550
[ 96.817411] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817412] ? link_path_walk+0x73/0x550
[ 96.817412] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817412] ? link_path_walk+0x73/0x550
[ 96.817412] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817413] ? link_path_walk+0x73/0x550
[ 96.817413] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817413] ? link_path_walk+0x73/0x550
[ 96.817414] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817414] ? link_path_walk+0x73/0x550
[ 96.817414] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817414] ? link_path_walk+0x73/0x550
[ 96.817415] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817415] ? link_path_walk+0x73/0x550
[ 96.817415] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817415] ? link_path_walk+0x73/0x550
[ 96.817416] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817416] ? link_path_walk+0x73/0x550
[ 96.817416] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817417] ? link_path_walk+0x73/0x550
[ 96.817417] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817417] ? link_path_walk+0x73/0x550
[ 96.817417] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817418] ? link_path_walk+0x73/0x550
[ 96.817418] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817418] ? link_path_walk+0x73/0x550
[ 96.817419] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817419] ? link_path_walk+0x73/0x550
[ 96.817419] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817419] ? link_path_walk+0x73/0x550
[ 96.817420] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817420] ? link_path_walk+0x73/0x550
[ 96.817420] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817420] ? link_path_walk+0x73/0x550
[ 96.817421] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817421] ? link_path_walk+0x73/0x550
[ 96.817421] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817422] ? link_path_walk+0x73/0x550
[ 96.817422] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817422] ? link_path_walk+0x73/0x550
[ 96.817422] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817423] ? link_path_walk+0x73/0x550
[ 96.817423] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817423] ? link_path_walk+0x73/0x550
[ 96.817424] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817424] ? link_path_walk+0x73/0x550
[ 96.817424] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817424] ? link_path_walk+0x73/0x550
[ 96.817425] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817425] ? link_path_walk+0x73/0x550
[ 96.817425] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817426] ? link_path_walk+0x73/0x550
[ 96.817426] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817426] ? link_path_walk+0x73/0x550
[ 96.817426] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817427] ? link_path_walk+0x73/0x550
[ 96.817427] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817427] ? link_path_walk+0x73/0x550
[ 96.817427] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817428] ? link_path_walk+0x73/0x550
[ 96.817428] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817428] ? link_path_walk+0x73/0x550
[ 96.817429] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817429] ? link_path_walk+0x73/0x550
[ 96.817429] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817429] ? link_path_walk+0x73/0x550
[ 96.817430] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817430] ? link_path_walk+0x73/0x550
[ 96.817430] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817431] ? link_path_walk+0x73/0x550
[ 96.817431] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817431] ? link_path_walk+0x73/0x550
[ 96.817431] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817432] ? link_path_walk+0x73/0x550
[ 96.817432] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817432] ? link_path_walk+0x73/0x550
[ 96.817432] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817433] ? link_path_walk+0x73/0x550
[ 96.817433] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817433] ? link_path_walk+0x73/0x550
[ 96.817434] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817434] ? link_path_walk+0x73/0x550
[ 96.817434] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817434] ? link_path_walk+0x73/0x550
[ 96.817435] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817435] ? link_path_walk+0x73/0x550
[ 96.817435] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817436] ? link_path_walk+0x73/0x550
[ 96.817436] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817436] ? link_path_walk+0x73/0x550
[ 96.817436] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817437] ? link_path_walk+0x73/0x550
[ 96.817437] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817437] ? link_path_walk+0x73/0x550
[ 96.817437] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817438] ? link_path_walk+0x73/0x550
[ 96.817438] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817438] ? link_path_walk+0x73/0x550
[ 96.817439] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817439] ? link_path_walk+0x73/0x550
[ 96.817439] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817439] ? link_path_walk+0x73/0x550
[ 96.817440] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817440] ? link_path_walk+0x73/0x550
[ 96.817440] ? srso_alias_return_thunk+0x5/0xfcdfd
[ 96.817441] ? link_path_walk+0x73/0x550
[ 96.817441] ? srso_alias_return_thunk+0x
[ 96.817441] Lost 348 message(s)!

@geekjy
Copy link
Author

geekjy commented Apr 29, 2024

--------- - - 4.18.0-500.el8.x86_64 #1
[ 41.585865] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020
[ 41.585866] RIP: 0010:khook_load_elf_binary+0x17/0x40 [khook_demo]
[ 41.585866] Code: 8b 44 24 70 48 89 44 24 28 48 8b 44 24 78 48 89 44 24 30 48 8b 84 24 80 00 00 00 48 89 44 24 38 48 b8 10 81 b1 c0 ff ff ff ff d0 48 83 c4 40 f0 ff 0d 04 1f 00 00 c3 c1 48 c7 c7 bf 90 b1 c0
[ 41.585866] RSP: 0018:ffff968fc359c000 EFLAGS: 00010286
[ 41.585867] RAX: ffffffffc0b18110 RBX: ffff968fc359fd20 RCX: 0000000000000000
[ 41.585867] RDX: 0000000000000040 RSI: 0000000000000081 RDI: ffff88f7667acda0
[ 41.585867] RBP: fefefefefefefeff R08: 0000000000000000 R09: fefefefefefefeff
[ 41.585867] R10: 0000000000000fe0 R11: 0000000000000001 R12: ffff88f850b08020
[ 41.585868] R13: 2f2f2f2f2f2f2f2f R14: 0000000000000000 R15: 00000000000007ff
[ 41.585868] FS: 00007f30af2c1740(0000) GS:ffff88f879e80000(0000) knlGS:0000000000000000
[ 41.585868] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 41.585868] CR2: ffff968fc359bff8 CR3: 0000000126eba000 CR4: 0000000000750ee0
[ 41.585869] PKRU: 55555554
[ 41.585869] Call Trace:
[ 41.585869] ? khook_load_elf_binary+0x19/0x40 [khook_demo]
[ 41.585869] ? khook_load_elf_binary+0x19/0x40 [khook_demo]
[ 41.585869] khook_load_elf_binary+0x19/0x40 [khook_demo]
[ 41.585869] ? khook_load_elf_binary+0x19/0x40 [khook_demo]
[ 41.585870] ? khook_load_elf_binary+0x19/0x40 [khook_demo]
[ 41.585870] khook_load_elf_binary+0x19/0x40 [khook_demo]
[ 41.585870] ? khook_load_elf_binary+0x19/0x40 [khook_demo]
[ 41.585870] ? link_path_walk+0x73/0x550
[ 41.585870] ? link_path_walk+0x73/0x550
[ 41.585871] ? link_path_walk+0x73/0x550
[ 41.585871] ? link_path_walk+0x73/0x550
[ 41.585871] ? link_path_walk+0x73/0x550
[ 41.585871] ? link_path_walk+0x73/0x550
[ 41.585871] ? link_path_walk+0x73/0x550
[ 41.585871] ? link_path_walk+0x73/0x550
[ 41.585872] ? link_path_walk+0x73/0x550
[ 41.585872] ? link_path_walk+0x73/0x550
[ 41.585872] ? link_path_walk+0x73/0x550
[ 41.585872] ? link_path_walk+0x73/0x550
[ 41.585872] ? link_path_walk+0x73/0x550
[ 41.585872] ? link_path_walk+0x73/0x550
[ 41.585872] ? link_path_walk+0x73/0x550
[ 41.585873] ? link_path_walk+0x73/0x550
[ 41.585873] ? link_path_walk+0x73/0x550
[ 41.585873] ? link_path_walk+0x73/0x550
[ 41.585873] ? link_path_walk+0x73/0x550
[ 41.585873] ? link_path_walk+0x73/0x550
[ 41.585873] ? link_path_walk+0x73/0x550
[ 41.585873] ? link_path_walk+0x73/0x550
[ 41.585874] ? link_path_walk+0x73/0x550
[ 41.585874] ? link_path_walk+0x73/0x550
[ 41.585874] ? link_path_walk+0x73/0x550
[ 41.585874] ? link_path_walk+0x73/0x550
[ 41.585874] ? link_path_walk+0x73/0x550
[ 41.585874] ? link_path_walk+0x73/0x550
[ 41.585874] ? link_path_walk+0x73/0x550
[ 41.585875] ? link_path_walk+0x73/0x550
[ 41.585875] ? link_path_walk+0x73/0x550
[ 41.585875] ? link_path_walk+0x73/0x550
[ 41.585875] ? link_path_walk+0x73/0x550
[ 41.585875] ? link_path_walk+0x73/0x550
[ 41.585875] ? link_path_walk+0x73/0x550
[ 41.585876] ? link_path_walk+0x73/0x550
[ 41.585876] ? link_path_walk+0x73/0x550
[ 41.585876] ? link_path_walk+0x73/0x550
[ 41.585876] ? link_path_walk+0x73/0x550
[ 41.585876] ? link_path_walk+0x73/0x550
[ 41.585876] ? link_path_walk+0x73/0x550
[ 41.585876] ? link_path_walk+0x73/0x550
[ 41.585877] ? link_path_walk+0x73/0x550
[ 41.585877] ? link_path_walk+0x73/0x550
[ 41.585877] ? link_path_walk+0x73/0x550
[ 41.585877] ? link_path_walk+0x73/0x550
[ 41.585877] ? link_path_walk+0x73/0x550
[ 41.585877] ? link_path_walk+0x73/0x550
[ 41.585877] ? link_path_walk+0x73/0x550
[ 41.585878] ? link_path_walk+0x73/0x550
[ 41.585878] ? link_path_walk+0x73/0x550
[ 41.585878] ? link_path_walk+0x73/0x550
[ 41.585878] ? link_path_walk+0x73/0x550
[ 41.585878] ? link_path_walk+0x73/0x550
[ 41.585878] ? link_path_walk+0x73/0x550
[ 41.585879] ? link_path_walk+0x73/0x550
[ 41.585879] ? link_path_walk+0x73/0x550
[ 41.585879] ? link_path_walk+0x73/0x550
[ 41.585879] ? link_path_walk+0x73/0x550
[ 41.585879] ? link_path_walk+0x73/0x550
[ 41.585879] ? link_path_walk+0x73/0x550
[ 41.585879] ? link_path_walk+0x73/0x550
[ 41.585880] ? link_path_walk+0x73/0x550
[ 41.585880] ? link_path_walk+0x73/0x550
[ 41.585880] ? link_path_walk+0x73/0x550
[ 41.585880] ? link_path_walk+0x73/0x550
[ 41.585880] ? link_path_walk+0x73/0x550
[ 41.585880] ? link_path_walk+0x73/0x550
[ 41.585880] ? link_path_walk+0x73/0x550
[ 41.585881] ? link_path_walk+0x73/0x550
[ 41.585881] ? link_path_walk+0x73/0x550
[ 41.585881] ? link_path_walk+0x73/0x550
[ 41.585881] ? link_path_walk+0x73/0x550
[ 41.585881] ? link_path_walk+0x73/0x550
[ 41.585881] ? link_path_walk+0x73/0x550
[ 41.585882] ? link_path_walk+0x73/0x550
[ 41.585882] ? link_path_walk+0x73/0x550
[ 41.585882] ? link_path_walk+0x73/0x550
[ 41.585882] ? link_path_walk+0x73/0x550
[ 41.585882] ? link_path_walk+0x73/0x550
[ 41.585882] ? link_path_walk+0x73/0x550
[ 41.585882] ? link_path_walk+0x73/0x550
[ 41.585883] ? link_path_walk+0x73/0x550
[ 41.585883] ? link_path_walk+0x73/0x550
[ 41.585883] ? link_path_walk+0x73/0x550
[ 41.585883] ? link_path_walk+0x73/0x550
[ 41.585883] ? link_path_walk+0x73/0x550
[ 41.585883] ? link_path_walk+0x73/0x550
[ 41.585883] ? link_path_walk+0x73/0x550
[ 41.585884] ? link_path_walk+0x73/0x550
[ 41.585884] ? link_path_walk+0x73/0x550
[ 41.585884] ? link_path_walk+0x73/0x550
[ 41.585884] ? link_path_walk+0x73/0x550
[ 41.585884] ? link_path_walk+0x73/0x550
[ 41.585884] ? link_path_walk+0x73/0x550
[ 41.585885] ? link_path_walk+0x73/0x550
[ 41.585885] ? link_path_walk+0x73/0x550
[ 41.585885] ? link_path_walk+0x73/0x550
[ 41.585885] ? link_path_walk+0x73/0x550
[ 41.585885] ? link_path_walk+0x73/0x550
[ 41.585885] ? link_path_walk+0x73/0x550
[ 41.585885] ? link_path_walk+0x73/0x550
[ 41.585886] ? link_path_walk+0x73/0x550
[ 41.585886] ? link_path_walk+0x73/0x550
[ 41.585886] ? link_path_walk+0x73/0x550
[ 41.585886] ? link_path_walk+0x73/0x550
[ 41.585886] ? link_path_walk+0x73/0x550
[ 41.585886] ? link_path_walk+0x73/0x550
[ 41.585886] ? link_path_walk+0x73/0x550
[ 41.585887] ? link_path_walk+0x73/0x550
[ 41.585887] ? link_path_walk+0x73/0x550
[ 41.585887] ? link_path_walk+0x73/0x550
[ 41.585887] ? link_path_walk+0x73/0x550
[ 41.585887] ? link_path_walk+0x73/0x550
[ 41.585887] ? link_path_walk+0x73/0x550
[ 41.585888] ? link_path_walk+0x73/0x550
[ 41.585888] ? link_path_walk+0x73/0x550
[ 41.585888] ? link_path_walk+0x73/0x550
[ 41.585888] ? link_path_walk+0x73/0x550
[ 41.585888] ? link_path_walk+0x73/0x550
[ 41.585888] ? link_path_walk+0x73/0x550
[ 41.585888] ? link_path_walk+0x73/0x550
[ 41.585889] ? link_path_walk+0x73/0x550
[ 41.585889] ? link_path_walk+0x73/0x550
[ 41.585889] ? link_path_walk+0x73/0x550
[ 41.585889] ? link_path_walk+0x73/0x550
[ 41.585889] ? link_path_walk+0x73/0x550
[ 41.585889] ? link_path_walk+0x73/0x550
[ 41.585889] ? link_path_walk+0x73/0x550
[ 41.585890] ? link_path_walk+0x73/0x550
[ 41.585890] ? link_path_walk+0x73/0x550
[ 41.585890] ? link_path_walk+0x73/0x550
[ 41.585890] ? link_path_walk+0x73/0x550
[ 41.585890] ? link_path_walk+0x73/0x550
[ 41.585890] ? link_path_walk+0x73/0x550
[ 41.585891] ? link_path_walk+0x73/0x550
[ 41.585891] ? link_path_walk+0x73/0x550
[ 41.585891] ? link_path_walk+0x73/0x550
[ 41.585891] ? link_path_walk+0x73/0x550
[ 41.585891] ? link_path_walk+0x73/0x550
[ 41.585891] ? link_path_walk+0x73/0x550
[ 41.585891] ? link_path_walk+0x73/0x550
[ 41.585892] ? link_path_walk+0x73/0x550
[ 41.585892] ? link_path_walk+0x73/0x550
[ 41.585892] ? link_path_walk+0x73/0x550
[ 41.585892] ? link_path_walk+0x73/0x550
[ 41.585892] ? link_path_walk+0x73/0x550
[ 41.585892] ? link_path_walk+0x73/0x550
[ 41.585892] ? link_path_walk+0x73/0x550
[ 41.585893] ? link_path_walk+0x73/0x550
[ 41.585893] ? link_path_walk+0x73/0x550
[ 41.585893] ? link_path_walk+0x73/0x550
[ 41.585893] ? link_path_walk+0x73/0x550
[ 41.585893] ? link_path_walk+0x73/0x550
[ 41.585893] ? link_path_walk+0x73/0x550
[ 41.585894] ? link_path_walk+0x73/0x550
[ 41.585894] ? link_path_walk+0x73/0x550
[ 41.585894] ? link_path_walk+0x73/0x550
[ 41.585894] ? link_path_walk+0x73/0x550
[ 41.585894] ? link_path_walk+0x73/0x550
[ 41.585894] ? link_path_walk+0x73/0x550
[ 41.585894] ? link_path_walk+0x73/0x550
[ 41.585895] ? link_path_walk+0x73/0x550
[ 41.585895] ? link_path_walk+0x73/0x550
[ 41.585895] ? link_path_walk+0x73/0x550
[ 41.585895] ? link_path_walk+0x73/0x550
[ 41.585895] ? link_path_walk+0x73/0x550
[ 41.585895] ? link_path_walk+0x73/0x550
[ 41.585895] ? link_path_walk+0x73/0x550
[ 41.585896] ? link_path_walk+0x73/0x550
[ 41.585896] ? link_path_walk+0x73/0x550
[ 41.585896] ? link_path_walk+0x73/0x550
[ 41.585896] ? link_path_walk+0x73/0x550
[ 41.585896] ? link_path_walk+0x73/0x550
[ 41.585896] ? link_path_walk+0x73/0x550
[ 41.585897] ? link_path_walk+0x73/0x550
[ 41.585897] ? link_path_walk+0x73/0x550
[ 41.585897] ? link_path_walk+0x73/0x550
[ 41.585897] ? link_path_walk+0x73/0x550
[ 41.585897] ? link_path_walk+0x73/0x550
[ 41.585897] ? link_path_walk+0x73/0x550
[ 41.585897] ? link_path_walk+0x73/0x550
[ 41.585898] ? link_path_walk+0x73/0x550
[ 41.585898] ? link_path_walk+0x73/0x550
[ 41.585898] ? link_path_walk+0x73/0x550
[ 41.585898] ? link_path_walk+0x73/0x550
[ 41.585898] ? link_path_walk+0x73/0x550
[ 41.585898] ? link_path_walk+0x73/0x550
[ 41.585898] ? link_path_walk+0x73/0x550
[ 41.585899] ? link_path_walk+0x73/0x550
[ 41.585899] ? link_path_walk+0x73/0x550
[ 41.585899] ? link_path_walk+0x73/0x550
[ 41.585899] ? link_path_walk+0x73/0x550
[ 41.585899] ? link_path_walk+0x73/0x550
[ 41.585899] ? link_path_walk+0x73/0x550
[ 41.585899] ? link_path_walk+0x73/0x550
[ 41.585900] ? link_path_walk+0x73/0x550
[ 41.585900] ? link_path_walk+0x73/0x550
[ 41.585900] ? link_path_walk+0x73/0x550
[ 41.585900] ? link_path_walk+0x73/0x550
[ 41.585900] ? link_path_walk+0x73/0x550
[ 41.585900] ? link_path_walk+0x73/0x550
[ 41.585901] ? link_path_walk+0x73/0x550
[ 41.585901] ? link_path_walk+0x73/0x550
[ 41.585901] ? link_path_walk+0x73/0x550
[ 41.585901] ? link_path_walk+0x73/0x550
[ 41.585901] ? link_path_walk+0x73/0x550
[ 41.585901] ? link_path_walk+0x73/0x550
[ 41.585901] ? link_path_walk+0x73/0x550
[ 41.585902] ? link_path_walk+0x73/0x550
[ 41.585902] ? link_path_walk+0x73/0x550
[ 41.585902] ? link_path_walk+0x73/0x550
[ 41.585902] ? link_path_walk+0x73/0x550
[ 41.585902] ? link_path_walk+0x73/0x550
[ 41.585902] ? path_lookupat.isra.43+0x9b/0x220
[ 41.585902] ? do_page_fault+0x37/0x130
[ 41.585903] ? filename_lookup.part.58+0xa0/0x170
[ 41.585903] ? strncpy_from_user+0x7a/0x1b0
[ 41.585903] ? vfs_statx+0x74/0xe0
[ 41.585903] ? __do_sys_newstat+0x39/0x70
[ 41.585903] ? syscall_trace_enter+0x1ff/0x2d0
[ 41.585903] ? __do_page_fault+0x209/0x460
[ 41.585904] ? do_syscall_64+0x5b/0x1b0
[ 41.585904] ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 41.585904] Modules linked in: khook_demo(OE) uinput rfcomm ib_core xt_CHEC
[ 41.585905] Lost 82 message(s)!

@geekjy
Copy link
Author

geekjy commented Apr 29, 2024

crash> bt
PID: 4338 TASK: ffff88f77009c000 CPU: 2 COMMAND: "bash"
#0 [fffffe000007adc8] machine_kexec at ffffffffada6cc73
#1 [fffffe000007ae20] __crash_kexec at ffffffffadbb734a
#2 [fffffe000007aee0] crash_kexec at ffffffffadbb8281
#3 [fffffe000007aef8] oops_end at ffffffffada2b5d1
#4 [fffffe000007af18] handle_stack_overflow at ffffffffada28a3a
#5 [fffffe000007af30] do_double_fault.cold.20 at ffffffffada28a54
#6 [fffffe000007af50] double_fault at ffffffffae600dae
[exception RIP: khook_load_elf_binary+23]
RIP: ffffffffc0b18127 RSP: ffff968fc359c000 RFLAGS: 00010286
RAX: ffffffffc0b18110 RBX: ffff968fc359fd20 RCX: 0000000000000000
RDX: 0000000000000040 RSI: 0000000000000081 RDI: ffff88f7667acda0
RBP: fefefefefefefeff R8: 0000000000000000 R9: fefefefefefefeff
R10: 0000000000000fe0 R11: 0000000000000001 R12: ffff88f850b08020
R13: 2f2f2f2f2f2f2f2f R14: 0000000000000000 R15: 00000000000007ff
ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018
--- ---
#7 [ffff968fc359c000] khook_load_elf_binary at ffffffffc0b18127 [khook_demo]
#8 [ffff968fc359c010] khook_load_elf_binary at ffffffffc0b18129 [khook_demo]
#9 [ffff968fc359c028] khook_load_elf_binary at ffffffffc0b18129 [khook_demo]
#10 [ffff968fc359c070] link_path_walk at ffffffffadd74f93
#11 [ffff968fc359c100] link_path_walk at ffffffffadd74f93
#12 [ffff968fc359c190] link_path_walk at ffffffffadd74f93
#13 [ffff968fc359c220] link_path_walk at ffffffffadd74f93
#14 [ffff968fc359c2b0] link_path_walk at ffffffffadd74f93
#15 [ffff968fc359c340] link_path_walk at ffffffffadd74f93
#16 [ffff968fc359c3d0] link_path_walk at ffffffffadd74f93
#17 [ffff968fc359c460] link_path_walk at ffffffffadd74f93
#18 [ffff968fc359c4f0] link_path_walk at ffffffffadd74f93
#19 [ffff968fc359c580] link_path_walk at ffffffffadd74f93
#20 [ffff968fc359c610] link_path_walk at ffffffffadd74f93
#21 [ffff968fc359c6a0] link_path_walk at ffffffffadd74f93
#22 [ffff968fc359c730] link_path_walk at ffffffffadd74f93
#23 [ffff968fc359c7c0] link_path_walk at ffffffffadd74f93
#24 [ffff968fc359c850] link_path_walk at ffffffffadd74f93
#25 [ffff968fc359c8e0] link_path_walk at ffffffffadd74f93
#26 [ffff968fc359c970] link_path_walk at ffffffffadd74f93
#27 [ffff968fc359ca00] link_path_walk at ffffffffadd74f93
#28 [ffff968fc359ca90] link_path_walk at ffffffffadd74f93
#29 [ffff968fc359cb20] link_path_walk at ffffffffadd74f93
#30 [ffff968fc359cbb0] link_path_walk at ffffffffadd74f93
#31 [ffff968fc359cc40] link_path_walk at ffffffffadd74f93
#32 [ffff968fc359ccd0] link_path_walk at ffffffffadd74f93
#33 [ffff968fc359cd60] link_path_walk at ffffffffadd74f93
#34 [ffff968fc359cdf0] link_path_walk at ffffffffadd74f93
#35 [ffff968fc359ce80] link_path_walk at ffffffffadd74f93
#36 [ffff968fc359cf10] link_path_walk at ffffffffadd74f93
#37 [ffff968fc359cfa0] link_path_walk at ffffffffadd74f93
#38 [ffff968fc359d030] link_path_walk at ffffffffadd74f93
#39 [ffff968fc359d0c0] link_path_walk at ffffffffadd74f93
#40 [ffff968fc359d150] link_path_walk at ffffffffadd74f93
#41 [ffff968fc359d1e0] link_path_walk at ffffffffadd74f93
#42 [ffff968fc359d270] link_path_walk at ffffffffadd74f93
#43 [ffff968fc359d300] link_path_walk at ffffffffadd74f93
#44 [ffff968fc359d390] link_path_walk at ffffffffadd74f93
#45 [ffff968fc359d420] link_path_walk at ffffffffadd74f93
#46 [ffff968fc359d4b0] link_path_walk at ffffffffadd74f93
#47 [ffff968fc359d540] link_path_walk at ffffffffadd74f93
#48 [ffff968fc359d5d0] link_path_walk at ffffffffadd74f93
#49 [ffff968fc359d660] link_path_walk at ffffffffadd74f93
#50 [ffff968fc359d6f0] link_path_walk at ffffffffadd74f93
#51 [ffff968fc359d780] link_path_walk at ffffffffadd74f93
#52 [ffff968fc359d810] link_path_walk at ffffffffadd74f93
#53 [ffff968fc359d8a0] link_path_walk at ffffffffadd74f93
#54 [ffff968fc359d930] link_path_walk at ffffffffadd74f93
#55 [ffff968fc359d9c0] link_path_walk at ffffffffadd74f93
#56 [ffff968fc359da50] link_path_walk at ffffffffadd74f93
#57 [ffff968fc359dae0] link_path_walk at ffffffffadd74f93
#58 [ffff968fc359db70] link_path_walk at ffffffffadd74f93
#59 [ffff968fc359dc00] link_path_walk at ffffffffadd74f93
#60 [ffff968fc359dc90] link_path_walk at ffffffffadd74f93
#61 [ffff968fc359dd20] link_path_walk at ffffffffadd74f93
#62 [ffff968fc359ddb0] link_path_walk at ffffffffadd74f93
#63 [ffff968fc359de40] link_path_walk at ffffffffadd74f93
#64 [ffff968fc359ded0] link_path_walk at ffffffffadd74f93
#65 [ffff968fc359df60] link_path_walk at ffffffffadd74f93
#66 [ffff968fc359dff0] link_path_walk at ffffffffadd74f93
#67 [ffff968fc359e080] link_path_walk at ffffffffadd74f93
#68 [ffff968fc359e110] link_path_walk at ffffffffadd74f93
#69 [ffff968fc359e1a0] link_path_walk at ffffffffadd74f93
#70 [ffff968fc359e230] link_path_walk at ffffffffadd74f93
#71 [ffff968fc359e2c0] link_path_walk at ffffffffadd74f93
#72 [ffff968fc359e350] link_path_walk at ffffffffadd74f93
#73 [ffff968fc359e3e0] link_path_walk at ffffffffadd74f93
#74 [ffff968fc359e470] link_path_walk at ffffffffadd74f93
#75 [ffff968fc359e500] link_path_walk at ffffffffadd74f93
#76 [ffff968fc359e590] link_path_walk at ffffffffadd74f93
#77 [ffff968fc359e620] link_path_walk at ffffffffadd74f93
#78 [ffff968fc359e6b0] link_path_walk at ffffffffadd74f93
#79 [ffff968fc359e740] link_path_walk at ffffffffadd74f93
#80 [ffff968fc359e7d0] link_path_walk at ffffffffadd74f93
#81 [ffff968fc359e860] link_path_walk at ffffffffadd74f93
#82 [ffff968fc359e8f0] link_path_walk at ffffffffadd74f93
#83 [ffff968fc359e980] link_path_walk at ffffffffadd74f93
#84 [ffff968fc359ea10] link_path_walk at ffffffffadd74f93
#85 [ffff968fc359eaa0] link_path_walk at ffffffffadd74f93
#86 [ffff968fc359eb30] link_path_walk at ffffffffadd74f93
#87 [ffff968fc359ebc0] link_path_walk at ffffffffadd74f93
#88 [ffff968fc359ec50] link_path_walk at ffffffffadd74f93
#89 [ffff968fc359ece0] link_path_walk at ffffffffadd74f93
#90 [ffff968fc359ed70] link_path_walk at ffffffffadd74f93
#91 [ffff968fc359ee00] link_path_walk at ffffffffadd74f93
#92 [ffff968fc359ee90] link_path_walk at ffffffffadd74f93
#93 [ffff968fc359ef20] link_path_walk at ffffffffadd74f93
#94 [ffff968fc359efb0] link_path_walk at ffffffffadd74f93
#95 [ffff968fc359f040] link_path_walk at ffffffffadd74f93
#96 [ffff968fc359f0d0] link_path_walk at ffffffffadd74f93
#97 [ffff968fc359f160] link_path_walk at ffffffffadd74f93
#98 [ffff968fc359f1f0] link_path_walk at ffffffffadd74f93
#99 [ffff968fc359f280] link_path_walk at ffffffffadd74f93
#100 [ffff968fc359f310] link_path_walk at ffffffffadd74f93
#101 [ffff968fc359f3a0] link_path_walk at ffffffffadd74f93
#102 [ffff968fc359f430] link_path_walk at ffffffffadd74f93
#103 [ffff968fc359f4c0] link_path_walk at ffffffffadd74f93
#104 [ffff968fc359f550] link_path_walk at ffffffffadd74f93
#105 [ffff968fc359f5e0] link_path_walk at ffffffffadd74f93
#106 [ffff968fc359f670] link_path_walk at ffffffffadd74f93
#107 [ffff968fc359f700] link_path_walk at ffffffffadd74f93
#108 [ffff968fc359f790] link_path_walk at ffffffffadd74f93
#109 [ffff968fc359f820] link_path_walk at ffffffffadd74f93
#110 [ffff968fc359f8b0] link_path_walk at ffffffffadd74f93
#111 [ffff968fc359f940] link_path_walk at ffffffffadd74f93
#112 [ffff968fc359f9d0] link_path_walk at ffffffffadd74f93
#113 [ffff968fc359fa60] link_path_walk at ffffffffadd74f93
#114 [ffff968fc359faf0] link_path_walk at ffffffffadd74f93
#115 [ffff968fc359fb80] link_path_walk at ffffffffadd74f93
#116 [ffff968fc359fc10] link_path_walk at ffffffffadd74f93
#117 [ffff968fc359fcb8] path_lookupat at ffffffffadd7558b
#118 [ffff968fc359fd18] filename_lookup at ffffffffadd79c90
#119 [ffff968fc359fe40] vfs_statx at ffffffffadd6c894
#120 [ffff968fc359fe98] __do_sys_newstat at ffffffffadd6cee9
#121 [ffff968fc359ff38] do_syscall_64 at ffffffffada0539b
#122 [ffff968fc359ff50] entry_SYSCALL_64_after_hwframe at ffffffffae6000a9
RIP: 00007f30ae9cab09 RSP: 00007ffea5ffdaa8 RFLAGS: 00000246
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f30ae9cab09
RDX: 00007ffea5ffdad0 RSI: 00007ffea5ffdad0 RDI: 000055ce26be0bcb
RBP: 000055ce2804bc90 R8: 0000000000000001 R9: 0000000000000000
R10: 0000000000000001 R11: 0000000000000246 R12: 000055ce281fc8a0
R13: 0000000000000024 R14: 00007ffea5ffdad0 R15: 000055ce2804bc90
ORIG_RAX: 0000000000000004 CS: 0033 SS: 002b

@milabs milabs self-assigned this Apr 30, 2024
@milabs
Copy link
Owner

milabs commented Apr 30, 2024 

CentOS Stream release 9
5.14.0-402.el9.x86_64

works

@geekjy
Copy link
Author

geekjy commented Apr 30, 2024 

CentOS Stream release 9
5.14.0-402.el9.x86_64

works

But CentOS Stream release 8 4.18.0-499.el8.x86_64-4.18.0-552.el8.x86_64 don't work.

@geekjy geekjy closed this as completed Apr 30, 2024
@geekjy
Copy link
Author

geekjy commented Apr 30, 2024

Sorry, I found the reason, it's not a problem with the khook framework itself

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@milabs milabs

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@milabs @geekjy