Date:	Wed, 6 Jun 2007 11:13:15 -0700
From:	Andrew Morton <akpm@...ux-foundation.org>
To:	William Lee Irwin III <wli@...omorphy.com>
Cc:	Paul Menage <menage@...gle.com>, linux-kernel@...r.kernel.org
Subject: Re: 2.6.22-rc4-mm1

On Wed, 6 Jun 2007 09:30:53 -0700 William Lee Irwin III <wli@...omorphy.com> wrote:

> On Wed, Jun 06, 2007 at 02:07:37AM -0700, Andrew Morton wrote:
> > ftp://ftp.kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.22-rc4/2.6.22-rc4-mm1/
> > - Somebody broke it on my powerpc G5, but I didn't have time to do yet
> >   another bisection yet.
> > - There's a lengthy patch series here from Nick which attempts to address
> >   the longstanding pagefault-vs-buffered-write deadlock.
> >   A great shower of filesystems were broken and have been disabled with
> >   CONFIG_BROKEN.  This includes reiser4.
> > - Complex patches which eliminate the kernel's fixed size limit on the
> >   command-line length.  These break nommu builds.
> 
> Someone remind me what the pagefault vs. buffered write deadlock is.

generic_file_write() does lock_page(), then copies the user's data into
pagecache.  If that copy_from_user() encounters a major fault and the page
is not uptodate, the pagefault handler does lock_page() and deadlocks.

It requires that the user be write()ing from a mmap of the page back into
the same page, which is weird.

The kernel tries to prefault the page to avoid the copy_from_user() fault,
but there are ways in which that can be defeated (super memory pressure,
malicious fadvise() from a second thread, etc).

> Something brings down i386/qemu before even earlyprintk can handle.
> 
> Bisection has narrowed it down to patch 1140 after everything got
> renumbered by peterz' fix for mm-variable-length-argument-support.patch,
> namely containersv10-make-cpusets-a-client-of-containers.patch

erk.  A step-by-step how-to-make-this-happen might help if poss, please.
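
[Added example, not part of the original message and not kernel code: a user-space model of the lock recursion described above, where the write path holds the page lock and the fault taken during the copy asks for the same lock. The struct fields, model_write() and the -EDEADLK return (standing in for a lock_page() that would sleep forever) are assumptions made for illustration.]

```c
#include <errno.h>
#include <stdbool.h>

/* User-space model only, not kernel code; field names are assumptions. */
struct page {
    bool locked;    /* page lock held */
    bool uptodate;  /* pagecache contents valid */
    bool resident;  /* mapped, so touching it does not fault */
};

/* The real lock_page() would sleep forever; the model reports it instead. */
static int lock_page(struct page *p)
{
    if (p->locked)
        return -EDEADLK;
    p->locked = true;
    return 0;
}

/* Fault handler: a page that is not uptodate is locked while it is read in. */
static int handle_fault(struct page *p)
{
    if (!p->uptodate) {
        if (lock_page(p))
            return -EDEADLK;
        p->uptodate = true;
        p->locked = false;
    }
    p->resident = true;
    return 0;
}

/* Write path: optional prefault, lock dst, copy from src (may fault), unlock. */
int model_write(struct page *dst, struct page *src, bool prefault, bool evicted)
{
    int err = 0;

    if (prefault)
        handle_fault(src);
    if (evicted)            /* page dropped between prefault and copy */
        src->resident = src->uptodate = false;
    if (lock_page(dst))
        return -EDEADLK;
    if (!src->resident)     /* copy_from_user() takes the fault here */
        err = handle_fault(src);
    dst->locked = false;
    return err;
}
```

With the same page as source and destination, model_write() returns -EDEADLK unless the prefault ran and the page stayed resident until the copy; with two different pages the fault is serviced normally.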
