Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Kernel waring for invalid key #1904

Closed
EvgeniiMekhanik opened this issue Jun 15, 2023 · 3 comments · Fixed by #1938
Closed

Kernel waring for invalid key #1904

EvgeniiMekhanik opened this issue Jun 15, 2023 · 3 comments · Fixed by #1938
Assignees
@EvgeniiMekhanik
Labels
bug TLS Tempesta TLS module and related issues
Milestone
0.8 - Beta

Comments

@EvgeniiMekhanik
Copy link
Contributor

Config:

listen 443 proto=https;

cache 1;
cache_fulfill * *;

srv_group ngx_local {
        server 127.0.0.1:8000 conns_n=4;
}

vhost evgeny-Standard-PC-i440FX-PIIX-1996 {
        tls_certificate /home/evgeny/workdir/cert/DHM/tfw-root.crt;
        tls_certificate_key /home/evgeny/workdir/cert/DHM/tfw-root.key;

        #resp_hdr_set Strict-Transport-Security "max-age=31536000; includeSubDomains";

        proxy_pass ngx_local;
}

http_chain {
        -> evgeny-Standard-PC-i440FX-PIIX-1996;
}

Key:

-----BEGIN EC PRIVATE KEY-----
MHQCAQEEIJHRHySm8nxgoybiYpSJq1aN+BxIQHhMQe1QT9PfYyOfoAcGBSuBBAAK
oUQDQgAEDo6O5k4nLdyyurhnewGUzu7l/GXEi/xiJVPCMg4HGKdd3eN4DemWj6aL
WrLpkJng4ZnbnW6qm4FEaQCCKDAPAw==
-----END EC PRIVATE KEY-----

Cert:

-----BEGIN CERTIFICATE-----
MIIC1jCCAn2gAwIBAgIURQpFkeTRqik8vjjBjHajEeQJ62wwCgYIKoZIzj0EAwIw
gcAxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
ZWF0dGxlMSMwIQYDVQQKDBpUZW1wZXN0YSBUZWNobm9sb2dpZXMgSW5jLjEQMA4G
A1UECwwHVGVzdGluZzEsMCoGA1UEAwwjZXZnZW55LVN0YW5kYXJkLVBDLWk0NDBG
WC1QSUlYLTE5OTYxJTAjBgkqhkiG9w0BCQEWFmluZm9AdGVtcGVzdGEtdGVjaC5j
b20wHhcNMjMwNjE1MTAwODE3WhcNMjQwNjE0MTAwODE3WjCBwDELMAkGA1UEBhMC
VVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxIzAhBgNV
BAoMGlRlbXBlc3RhIFRlY2hub2xvZ2llcyBJbmMuMRAwDgYDVQQLDAdUZXN0aW5n
MSwwKgYDVQQDDCNldmdlbnktU3RhbmRhcmQtUEMtaTQ0MEZYLVBJSVgtMTk5NjEl
MCMGCSqGSIb3DQEJARYWaW5mb0B0ZW1wZXN0YS10ZWNoLmNvbTBZMBMGByqGSM49
AgEGCCqGSM49AwEHA0IABEPZJpaHqTIvLVdssPhUUIOYXGBL/k1Gz2a1+nWmhjSP
6wWfvrz8JdzBTsun0AceUYLJVg8v14C0RYrnFlJfUTCjUzBRMB0GA1UdDgQWBBSr
5qGv0+RjQWWkni/SEgUEhSbRWDAfBgNVHSMEGDAWgBSr5qGv0+RjQWWkni/SEgUE
hSbRWDAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0cAMEQCIEuIn0s0UskC
Z4743ft5Aic4mNbfgMzuyLM0tO3VgsnwAiBmCc4D+vypJJ3aVRAOXKJfnj+RbW/F
J6/rzl+GqGMmCg==
-----END CERTIFICATE-----
@EvgeniiMekhanik
Copy link
Contributor Author

.193906] BUG: Bad page state in process tempesta.sh pfn:122ede
[10788.196827] page:0000000063a4c7b3 refcount:-1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x122ede
[10788.197819] flags: 0x17ffffc0000000()
[10788.198247] raw: 0017ffffc0000000 dead000000000100 dead000000000122 0000000000000000
[10788.199061] raw: 0000000000000000 0000000000000000 ffffffffffffffff 0000000000000000
[10788.199940] page dumped because: nonzero _refcount
[10788.200472] Modules linked in: sha256_ssse3 sha512_ssse3 xt_conntrack nft_chain_nat xt_MASQUERADE nf_nat nf_conntrack_netlink nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 xfrm_user xfrm_algo nft_counter xt_addrtype nft_compat nf_tables nfnetlink br_netfilter bridge stp llc overlay binfmt_misc nls_iso8859_1 virtio_gpu virtio_dma_buf drm_kms_helper cec rc_core fb_sys_fops syscopyarea kvm_intel sysfillrect kvm sysimgblt joydev crct10dif_pclmul ghash_clmulni_intel input_leds aesni_intel mac_hid crypto_simd serio_raw cryptd qemu_fw_cfg glue_helper sch_fq_codel msr parport_pc ppdev lp drm parport ramoops efi_pstore pstore_blk reed_solomon pstore_zone ip_tables x_tables autofs4 btrfs blake2b_generic xor raid6_pq libcrc32c e1000 psmouse crc32_pclmul floppy i2c_piix4 pata_acpi [last unloaded: tempesta_lib]
[10788.206681] CPU: 0 PID: 18501 Comm: tempesta.sh Tainted: G B OE 5.10.35+ #233
[10788.207300] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014
[10788.207931] Call Trace:
[10788.208129] dump_stack+0x70/0x8b
[10788.208416] bad_page.cold+0x63/0x94
[10788.208759] check_new_page_bad+0x6d/0x80
[10788.209079] get_page_from_freelist+0xd26/0x1660
[10788.209477] __alloc_pages_nodemask+0x164/0x310
[10788.209825] alloc_pages_current+0x84/0x140
[10788.210150] __pmd_alloc+0x33/0x1e0
[10788.210467] copy_page_range+0x13d6/0x1740
[10788.210793] ? anon_vma_fork+0x98/0x150
[10788.211089] ? kmem_cache_alloc+0xf1/0x200
[10788.211417] ? __rb_insert_augmented+0x93/0x1d0
[10788.211766] dup_mm+0x424/0x590
[10788.212010] copy_process+0x1b41/0x1bd0
[10788.212306] kernel_clone+0x9d/0x3d0
[10788.212582] __do_sys_clone+0x5d/0x80
[10788.212865] __x64_sys_clone+0x25/0x30
[10788.213154] do_syscall_64+0x38/0x90
[10788.213431] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[10788.213818] RIP: 0033:0x7f96d6166bc7

@EvgeniiMekhanik
Copy link
Contributor Author

.216161] RAX: ffffffffffffffda RBX: 00007f96d6323040 RCX: 00007f96d6166bc7
[10788.216686] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[10788.217211] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[10788.217737] R10: 00007f96d6079a10 R11: 0000000000000246 R12: 0000000000000001
[10788.218277] R13: 00007ffc47e89f60 R14: 000055eb46120bcf R15: 000055eb469f3970
[10788.218912] general protection fault, probably for non-canonical address 0xdead000000000100: 0000 [#1] SMP NOPTI
[10788.219931] CPU: 0 PID: 18501 Comm: tempesta.sh Tainted: G B OE 5.10.35+ #233
[10788.220915] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014
[10788.221849] RIP: 0010:get_page_from_freelist+0xa01/0x1660
[10788.222490] Code: f2 4c 8b 82 c0 00 00 00 49 39 c0 0f 84 77 01 00 00 4d 89 c1 49 83 e9 08 0f 84 6a 01 00 00 0f 1f 44 00 00 49 8b 40 08 49 8b 10 <48> 89 42 08 48 89 10 48 b8 00 01 00 00 00 00 ad de 49 89 00 48 83
[10788.224441] RSP: 0018:ffffbc2143903910 EFLAGS: 00010086
[10788.225032] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[10788.225822] RDX: dead000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[10788.226782] RBP: ffffbc2143903a30 R08: fffff09e848bb7c8 R09: fffff09e848bb7c0
[10788.227543] R10: 0000000000000001 R11: ffffffffffffffff R12: 0000000000000000
[10788.228281] R13: 0000000000000000 R14: ffffa084bffd6b80 R15: 0000000000000000
[10788.229040] FS: 00007f96d6079740(0000) GS:ffffa084b7c00000(0000) knlGS:0000000000000000
[10788.229841] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[10788.230452] CR2: 000055eb4614d04c CR3: 0000000127048004 CR4: 0000000000770ef0
[10788.231206] PKRU: 55555554
[10788.231503] Call Trace:
[10788.231755] ? get_page_from_freelist+0x1049/0x1660
[10788.232256] __alloc_pages_nodemask+0x164/0x310
[10788.232686] alloc_pages_current+0x84/0x140
[10788.233116] pte_alloc_one+0x18/0x50
[10788.233467] __pte_alloc+0x1b/0x110
[10788.233819] copy_page_range+0xe08/0x1740
[10788.234214] ? anon_vma_fork+0x98/0x150
[10788.234704] dup_mm+0x424/0x590
[10788.235072] copy_process+0x1b41/0x1bd0
[10788.235468] kernel_clone+0x9d/0x3d0
[10788.235840] __do_sys_clone+0x5d/0x80
[10788.236201] __x64_sys_clone+0x25/0x30
[10788.236588] do_syscall_64+0x38/0x90
[10788.236968] entry_SYSCALL_64_after_hwframe+0x44/0xa9

@krizhanovsky krizhanovsky added bug TLS Tempesta TLS module and related issues labels Jun 15, 2023
@krizhanovsky krizhanovsky added this to the 0.8 - Beta milestone Jun 15, 2023
@EvgeniiMekhanik
Copy link
Contributor Author

openssl ecparam -name secp192r1 -genkey -noout -out private.key

@EvgeniiMekhanik EvgeniiMekhanik self-assigned this Jul 12, 2023
EvgeniiMekhanik added a commit that referenced this issue Jul 12, 2023
@EvgeniiMekhanik
Fix extra memory free for SEC1 EC key
0d3a18b 
We should not free EC key in case of error in
`pk_parse_key_sec1_der` function, because it will
be freed later in `ttls_pk_free`.

Closes #1904
@EvgeniiMekhanik EvgeniiMekhanik mentioned this issue Jul 12, 2023
Merged
EvgeniiMekhanik added a commit that referenced this issue Jul 12, 2023
@EvgeniiMekhanik
Fix extra memory free for SEC1 EC key
b87f2f0 
We should not free EC key in case of error in
`pk_parse_key_sec1_der` function, because it will
be freed later in `ttls_pk_free`.

Closes #1904
EvgeniiMekhanik added a commit that referenced this issue Jul 13, 2023
@EvgeniiMekhanik
Fix extra memory free for SEC1 EC key
dbd6d18 
We should not free EC key in case of error in
`pk_parse_key_sec1_der` function, because it will
be freed later in `ttls_pk_free`.

Closes #1904
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@EvgeniiMekhanik EvgeniiMekhanik

Labels
bug TLS Tempesta TLS module and related issues
Projects
None yet
Milestone
0.8 - Beta
Development

Successfully merging a pull request may close this issue.

Fix extra memory free for SEC1 EC key tempesta-tech/tempesta
2 participants
@krizhanovsky @EvgeniiMekhanik