Bug#535571: kernel unaligned access copy_to_user_state with IPSec
The kernel modules gdb can use will be in .ko files scattered under the 
linux/ source dir which you can find with commands like $ find . -name 
.git -prune -o -name \*.ko -print Jonathan
I finally managed to compile some debug symbols into the kernel. Here we go:
dmesg:
[3179998.695837] Kernel unaligned access at TPC[1066a958] 
copy_to_user_state+0x54/0x9c [xfrm_user]
[3179998.811473] Kernel unaligned access at TPC[1066a958] 
copy_to_user_state+0x54/0x9c [xfrm_user]
Debug output:
Reading symbols from 
/home/inst/kernel/linux-2.6-2.6.32/net/xfrm/xfrm_user.ko...done.
(gdb) list *(copy_to_user_state+0x54)
0x9c0 is in copy_to_user_state (net/xfrm/xfrm_user.c:513).
508     {
509             memcpy(&p->id, &x->id, sizeof(p->id));
510             memcpy(&p->sel, &x->sel, sizeof(p->sel));
511             memcpy(&p->lft, &x->lft, sizeof(p->lft));
512             memcpy(&p->curlft, &x->curlft, sizeof(p->curlft));
513             memcpy(&p->stats, &x->stats, sizeof(p->stats));
514             memcpy(&p->saddr, &x->props.saddr, sizeof(p->saddr));
515             p->mode = x->props.mode;
516             p->replay_window = x->props.replay_window;
517             p->reqid = x->props.reqid;
(gdb) list *(copy_to_user_state+0x9c0)
0x132c is in xfrm_add_sa_expire (include/net/xfrm.h:761).
756             atomic_dec(&x->refcnt);
757     }
758
759     static inline void xfrm_state_put(struct xfrm_state *x)
760     {
761             if (atomic_dec_and_test(&x->refcnt))
762                     __xfrm_state_destroy(x);
763     }
764
765     static inline void xfrm_state_hold(struct xfrm_state *x)
I'll provide same info for a 3.x kernel, soon.
Regards,
Sebastian
Reply to: