Arch Linux

Please read this before reporting a bug:
https://wiki.archlinux.org/index.php/Reporting_Bug_Guidelines

Do NOT report bugs when a package is just outdated, or it is in Unsupported. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#69184 - [linux] Kernel oops in keyctl() syscall, which takes down iwd

Attached to Project: Arch Linux
Opened by Lukas van den Dijssel (LukasvdDijssel) - Saturday, 02 January 2021, 19:05 GMT
Task Type Bug Report
Category Kernel
Status Unconfirmed
Assigned To No-one
Architecture x86_64
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 0%
Votes 0
Private No

Details

Description:
When attempting to use iwd 1.10 to connect to a certain Wi-Fi network which uses EAP-TTLS, a kernel oops occurs, which takes down iwd with it.
The oops occurs during a keyctl() syscall, as indicated by the strace as well as the kernel log.
The iwd developers told me this is most likely a kernel issue. It seems likely to me as well, but I'm posting this report here going on mostly their insights. They also informed me that iwd does not use any crypto libraries, so that does point straight to the kernel.
This could be an upstream kernel issue as well, but I'm not sure, so I'd rather ask here first than aggravate the upstream maintainers by having "-arch" in my kernel version string.

Additional info:
* Kernel versions 5.10.3.arch1-1 and 5.10.4.arch2-1 show the same problem. If I remember correctly, this issue has only occured after updating to 5.10.3 from I think 5.9.
* Error probably occurs in the "Keys/Keyrings" kernel subsystem.
* iwd debug log: https://pastebin.com/Ndmdzc9x
* Relevant part of strace: https://pastebin.com/fHVEKUYh
* Kernel log: https://pastebin.com/ehbGQkB1
* EAP-TTLS certificate: https://pastebin.com/87KNNLjU

Steps to reproduce:
1. Compile iwd 1.10 from source (https://git.kernel.org/pub/scm/network/wireless/iwd.git/tag/?h=1.10) or install community/iwd or aur/iwd-git. The same error occurs in any of them.
2. Connect to an EAP-TTLS Wi-Fi network (the type of certificate probably matters, so I've attached mine for reference). RADIUS authentication is in my case provivided by another Arch box running freeradius 3.0.21-6. This is the only network I have access to that uses EAP-TTLS, however, I am also its administrator, so I'll gladly help in trying to find where the problem is.
3. iwd will silently crash during the TLS handshake (SIGKILL) and, if run using systemd, will be restarted and crash until the restart limit is reached.
This task depends upon

Comment by loqs (loqs) - Saturday, 02 January 2021, 19:08 GMT
Have you looked at FS#69174
Comment by Lukas van den Dijssel (LukasvdDijssel) - Saturday, 02 January 2021, 19:16 GMT
@loqs It does appear to be very similar, so I'm not sure how I didn't come across it in my previous search. I've linked this report there as well.

Loading...