Public bug reported:

Summary
=======
IBM z15 LPAR 
found on non-Ubuntu distro with opencryptoki-3.15.1

Segmentation fault of the sess_opstate test on the Soft Token
The problem is immediately reproducible


Details
=======
The sess_opstate test was receiving a segmentation fault signal when running
on the OpenCryptoki SoftToken.
./Bopencryptoki-tb: line 391: 222135 Segmentation fault      (core dumped) 
./sess_opstate -slot $slot_nr

sess_opstate succeeds against the ICA token, CCA token, and EP11 token.
The elapsed time amount is showing about 50 years of run time, which is way too 
high, though.

# time ./sess_opstate1 -slot 3
Using slot #3...

With option: no_init: 0
Running 100 loops...
* TESTCASE sess_opstate_funcs PASS (elapsed time 1612872946s 711722us) 
Get/SetOperationState digest test


real    0m0.895s
user    0m0.015s
sys     0m0.032s


Debug info
==========
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x000003ff9a51e9c0 in main_arena () from /usr/lib64/libc.so.6
(gdb) bt
#0  0x000003ff9a51e9c0 in main_arena () from /usr/lib64/libc.so.6
#1  0x000003ff98270872 in token_specific_sha_update (tokdata=<optimized out>, 
ctx=0x161b0578, in_data=<optimized out>,
    in_data_len=<optimized out>) at usr/lib/soft_stdll/soft_specific.c:3062
#2  0x000003ff98215f48 in digest_mgr_digest_update (tokdata=<optimized out>, 
sess=<optimized out>, ctx=0x161b0578,
    data=<optimized out>, data_len=5) at usr/lib/common/dig_mgr.c:287
#3  0x000003ff98251716 in SC_DigestUpdate (tokdata=0x1619da60, 
sSession=<optimized out>, pPart=0x161b0710 "\310@\024\352\345",
    ulPartLen=5) at usr/lib/common/new_host.c:2613
#4  0x000003ff9a607578 in C_DigestUpdate () from 
/usr/lib64/opencryptoki/libopencryptoki.so.0
#5  0x0000000001004d56 in sess_opstate_funcs ()
#6  0x00000000010057d2 in main ()


Terminal Output
===============
./Bopencryptoki-tb: line 391: 222135 Segmentation fault      (core dumped) 
./sess_opstate -slot $slot_nr

# file sess_opstate
sess_opstate: ELF 64-bit MSB executable, IBM S/390, version 1 (SYSV), 
dynamically linked, interpreter /lib/ld64.so.1, for GNU/Linux 3.2.0, 
BuildID[sha1]=999f80eaa557d306a8ea4cda25e8e928fe9eb527, with debug_info, not 
stripped

# coredumpctl list
TIME                            PID   UID   GID SIG COREFILE  EXE
Thu 2021-02-04 19:05:29 CET  222135     0     0  11 missing   
/root/crypto/opencryptoki-3.15.1/testcases/pkcs11/sess_opstate
# coredumpctl dump 222135 > coredump_pid222135.core
           PID: 222135 (sess_opstate)
           UID: 0 (root)
           GID: 0 (root)
        Signal: 11 (SEGV)
     Timestamp: Thu 2021-02-04 19:05:28 CET (4 days ago)
  Command Line: ./sess_opstate -slot 2
    Executable: /root/crypto/opencryptoki-3.15.1/testcases/pkcs11/sess_opstate
 Control Group: /user.slice/user-0.slice/session-5.scope
          Unit: session-5.scope
         Slice: user-0.slice
       Session: 5
     Owner UID: 0 (root)
       Boot ID: 13342569937c43b9ab778ea184f4e490
    Machine ID: fc8625d575914061ba54bbf27e15d50d
      Hostname: t83lp22.lnxne.boe
       Storage: 
/var/lib/systemd/coredump/core.sess_opstate.0.13342569937c43b9ab778ea184f4e490.222135.1612461928000000.lz4
 (inaccessible)
       Message: Process 222135 (sess_opstate) of user 0 dumped core.

                Stack trace of thread 222135:
                #0  0x0000000000000002 n/a (n/a)


Syslog from the segmentation fault situation:

Feb 04 19:05:28 system sess_opstate[222135]: Libica FIPS library integrity 
check passed.
Feb 04 19:05:28 system kernel: User process fault: interruption code 0010 ilc:3 
in sess_opstate[1000000+a000]
Feb 04 19:05:28 system kernel: Failing address: 0000000000000000 TEID: 
0000000000000800
Feb 04 19:05:28 system kernel: Fault in primary space mode while using user 
ASCE.
Feb 04 19:05:28 system kernel: AS:00000000e585c1c7 R3:00000000da39c007 
S:0000000000000020
Feb 04 19:05:28 system kernel: CPU: 2 PID: 222135 Comm: sess_opstate Kdump: 
loaded Not tainted 4.18.0-277.el8.s390x #1
Feb 04 19:05:28 system kernel: Hardware name: IBM 8561 T01 701 (LPAR)
Feb 04 19:05:28 system kernel: User PSW : 0705000180000000 0000000000000002
Feb 04 19:05:28 system kernel:            R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:1 
AS:0 CC:0 PM:0 RI:0 EA:3
Feb 04 19:05:28 system kernel: User GPRS: 0000000000000000 0000000000000002 
0000000002922fb0 0000000002922ca0
Feb 04 19:05:28 system kernel:            0000000000000003 0000000000000003 
0000000000000003 0000000000000002
Feb 04 19:05:28 system kernel:            00000000029098b0 0000000000000003 
0000000002922ca0 0000000002923238
Feb 04 19:05:28 system kernel:            0000000002922ca0 0000000000000063 
000003ff991f0872 000003ffc027ee50
Feb 04 19:05:28 system kernel: User Code: Bad PSW.
Feb 04 19:05:28 system kernel: Last Breaking-Event-Address:
Feb 04 19:05:28 system kernel:  [<000003ff9ae96cec>] 0x3ff9ae96cec
Feb 04 19:05:28 system systemd-coredump[222136]: Libica FIPS library integrity 
check passed.
Feb 04 19:05:28 system systemd[1]: Created slice 
system-systemd\x2dcoredump.slice.
Feb 04 19:05:28 system systemd[1]: Started Process Core Dump (PID 222136/UID 0).
Feb 04 19:05:29 system systemd-coredump[222137]: Libica FIPS library integrity 
check passed.
Feb 04 19:05:29 system sess_mgmt_tests[222138]: Libica FIPS library integrity 
check passed.
Feb 04 19:05:29 system systemd-coredump[222137]: Process 222135 (sess_opstate) 
of user 0 dumped core.

                                                            Stack trace of 
thread 222135:
                                                            #0  
0x0000000000000002 n/a (n/a)
Feb 04 19:05:29 system systemd[1]: [email protected]: 
Succeeded
 

---Steps to Reproduce---
1. Unpack the GitHub OpenCryptoki source code package and run
   ./bootstrap.sh
   ./configure --enable-testcases
2. cd testcases
3. make
4. cd crypto
5. Set up the opencryptoki Soft token (define in 
   /etc/opencryptoki/opencryptoki.conf file and initialize using 'pkcsconf')
6. export PKCS11_USER_PIN=01234567; export PKCS11_SO_PIN=76543210
7. run: ./sess_opstate -slot <N> -securekey; N being the index of the Soft token
8. Watch the Error output of the tests.
 
Userspace tool common name: opencryptoki 

Userspace : opencryptoki-libs-3.15.1
 
The userspace tool has the following bit modes: 64-bit 

Userspace tool obtained from project website:  na


This affects OCK >= 3.15 only.


The fix is now upstream:
https://github.com/opencryptoki/opencryptoki/commit/1e98001ff63cd7e75d95b4ea0d3d2a69965d8890
 "SOFT: Fix problem with C_Get/SetOperationState and digest contexts"

This patch should apply smoothly on top of OCK 3.15.1.

** Affects: opencryptoki (Ubuntu)
     Importance: Undecided
     Assignee: Skipper Bug Screeners (skipper-screen-team)
         Status: New


** Tags: architecture-s39064 bugnameltc-191549 severity-high 
targetmilestone-inin2104

** Tags added: architecture-s39064 bugnameltc-191549 severity-high
targetmilestone-inin2104

** Changed in: ubuntu
     Assignee: (unassigned) => Skipper Bug Screeners (skipper-screen-team)

** Package changed: ubuntu => opencryptoki (Ubuntu)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1915689

Title:
  [UBUNTU 21.04] Opencryptoki 3.15: token_specific_sha_update() causes
  segmentation fault in main_arena () from /usr/lib64/libc.so.6
  (opencryptoki)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/opencryptoki/+bug/1915689/+subscriptions