[bug report] Bug: Write fault blocked by KUAP!
Christophe Leroy (CS GROUP)
chleroy at kernel.org
Fri Feb 27 05:57:05 AEDT 2026
Le 26/02/2026 à 17:59, Caleb Sander Mateos a écrit :
> On Thu, Feb 26, 2026 at 4:44 AM Ming Lei <ming.lei at redhat.com> wrote:
>>
>> On Thu, Feb 26, 2026 at 6:48 PM Ming Lei <ming.lei at redhat.com> wrote:
>>>
>>> Hi Changhui,
>>>
>>> Thanks for the report!
>>>
>>> Loop Caleb Sander Mateos in.
>>>
>>> Thanks,
>>>
>>> On Thu, Feb 26, 2026 at 6:37 PM Changhui Zhong <czhong at redhat.com> wrote:
>>>>
>>>> Hello,
>>>>
>>>> on the ppc64le arch, I hit the issue below with ublksrv on the latest
>>>> linux-block/for-next, please help check it, and let me know if you
>>>> need any info/test for it. Thanks.
>>>>
>>>> INFO: HEAD of cloned kernel
>>>> commit 37a43fd770f3dcac8f72f3ea909b3e893e2385c9
>>>> Merge: 13cd9b41227a c1dfbd7e71b0
>>>> Author: Jens Axboe <axboe at kernel.dk>
>>>> Date: Wed Feb 25 08:37:06 2026 -0700
>>>>
>>>> Merge branch 'for-7.1/block' into for-next
>>>>
>>>> * for-7.1/block:
>>>> ublk: report BLK_SPLIT_INTERVAL_CAPABLE
>>>>
>>>> reproducer:
>>>> compile and install https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fublk-org%2Fublksrv.git&data=05%7C02%7Cchristophe.leroy2%40cs-soprasteria.com%7Cf0b0066758be476be95508de75587a73%7C8b87af7d86474dc78df45f69a2011bb5%7C0%7C0%7C639077220067774377%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=ki4yUMx%2FBTANcpfzEoVMdBKsuflIbzhHO2Wqpxtvj5g%3D&reserved=0
>>>> #echo 0 > /proc/sys/kernel/io_uring_disabled
>>>> #modprobe ublk_drv
>>>> #cd ublksrv
>>>> #make test T=null
>>>> #make test T=loop
>>>>
>>>> dmesg log:
>>>> Feb 26 00:24:30 ibm-p9z-27-lp26 journal: running null/002
>>>> Feb 26 00:24:30 ibm-p9z-27-lp26 ublksrvd-0[57921]: start ublksrv io
>>>> daemon ublksrvd-0
>>>> Feb 26 00:24:30 ibm-p9z-27-lp26 ublksrvd-0[57921]: tid 57923: ublk dev
>>>> 0 queue 0 started
>>>> Feb 26 00:24:30 ibm-p9z-27-lp26 ublksrvd-0[57921]: tid 57924: ublk dev
>>>> 0 queue 1 started
>>>> Feb 26 00:24:36 ibm-p9z-27-lp26 NetworkManager[818]: <warn>
>>>> [1772083476.4882] platform-linux: do-add-ip6-address[2:
>>>> fe80::8448:a3ff:fe51:f102]: failure 13 (Permission denied - ipv6: IPv6
>>>> is disabled on this device)
>>>> Feb 26 00:24:36 ibm-p9z-27-lp26 NetworkManager[818]: <warn>
>>>> [1772083476.4885] platform-linux: do-add-ip6-address[2:
>>>> 2620:52:9:160c:8448:a3ff:fe51:f102]: failure 13 (Permission denied -
>>>> ipv6: IPv6 is disabled on this device)
>>>> Feb 26 00:24:36 ibm-p9z-27-lp26 NetworkManager[818]: <warn>
>>>> [1772083476.4938] l3cfg[0f1985ec14299e62,ifindex=2]: unable to
>>>> configure IPv6 route: type unicast fe80::/64 dev 2 metric 1024 mss 0
>>>> rt-src ipv6ll
>>>> Feb 26 00:24:38 ibm-p9z-27-lp26 NetworkManager[818]: <warn>
>>>> [1772083478.4938] ipv6ll[95ab7f3fdbfe643d,ifindex=2]: changed: no IPv6
>>>> link local address to retry after Duplicate Address Detection failures
>>>> (back off)
>>>> Feb 26 00:24:38 ibm-p9z-27-lp26 NetworkManager[818]: <warn>
>>>> [1772083478.4943] platform-linux: do-add-ip6-address[2:
>>>> 2620:52:9:160c:8448:a3ff:fe51:f102]: failure 13 (Permission denied -
>>>> ipv6: IPv6 is disabled on this device)
>>>> Feb 26 00:24:48 ibm-p9z-27-lp26 NetworkManager[818]: <warn>
>>>> [1772083488.5034] platform-linux: do-add-ip6-address[2:
>>>> fe80::8448:a3ff:fe51:f102]: failure 13 (Permission denied - ipv6: IPv6
>>>> is disabled on this device)
>>>> Feb 26 00:24:48 ibm-p9z-27-lp26 NetworkManager[818]: <warn>
>>>> [1772083488.5037] platform-linux: do-add-ip6-address[2:
>>>> 2620:52:9:160c:8448:a3ff:fe51:f102]: failure 13 (Permission denied -
>>>> ipv6: IPv6 is disabled on this device)
>>>> Feb 26 00:24:48 ibm-p9z-27-lp26 NetworkManager[818]: <warn>
>>>> [1772083488.5041] l3cfg[0f1985ec14299e62,ifindex=2]: unable to
>>>> configure IPv6 route: type unicast fe80::/64 dev 2 metric 1024 mss 0
>>>> rt-src ipv6ll
>>>> Feb 26 00:24:50 ibm-p9z-27-lp26 NetworkManager[818]: <warn>
>>>> [1772083490.5034] ipv6ll[95ab7f3fdbfe643d,ifindex=2]: changed: no IPv6
>>>> link local address to retry after Duplicate Address Detection failures
>>>> (back off)
>>>> Feb 26 00:24:50 ibm-p9z-27-lp26 NetworkManager[818]: <warn>
>>>> [1772083490.5039] platform-linux: do-add-ip6-address[2:
>>>> 2620:52:9:160c:8448:a3ff:fe51:f102]: failure 13 (Permission denied -
>>>> ipv6: IPv6 is disabled on this device)
>>>> Feb 26 00:24:58 ibm-p9z-27-lp26 kernel: Kernel attempted to read user
>>>> page (7fff81210000) - exploit attempt? (uid: 0)
>>>> Feb 26 00:24:58 ibm-p9z-27-lp26 kernel: ------------[ cut here ]------------
>>>> Feb 26 00:24:58 ibm-p9z-27-lp26 kernel: Bug: Read fault blocked by KUAP!
>>>> Feb 26 00:24:58 ibm-p9z-27-lp26 kernel: WARNING:
>>>> arch/powerpc/mm/fault.c:231 at bad_kernel_fault.isra.0+0xc8/0x2c0,
>>>> CPU#5: lt-ublk.null/57924
>>
>> oops, it shouldn't be related with `ublk: report BLK_SPLIT_INTERVAL_CAPABLE`,
>> Perhaps one issue lies in the ppcle64 architecture code.
>
> Agreed, the "Kernel attempted to read user page" error seems
> incorrect. The call trace shows this is in copy_from_iter(), so
> reading a user page is expected. I too would be suspicious of the
> powerpc copy_from_iter() implementation.
Looks similar to:
https://lore.kernel.org/all/20260109064917.777587-2-sshegde@linux.ibm.com/
That fix was rejected, more acceptable fix here:
https://lore.kernel.org/all/20260217124457.89219-1-sayalip@linux.ibm.com/
Let us know if it fixes the issue for you.
Christophe
More information about the Linuxppc-dev
mailing list