lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1233012811.14510.18.camel@localhost.localdomain>
Date:	Mon, 26 Jan 2009 15:33:31 -0800
From:	Ed Swierk <eswierk@...stanetworks.com>
To:	Ingo Molnar <mingo@...e.hu>, Oleg Nesterov <oleg@...hat.com>,
	rml@...h9.net, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] Fix BUG: using smp_processor_id() in preemptible code
 in print_fatal_signal()

On Tue, 2009-01-27 at 00:15 +0100, Ingo Molnar wrote:
> This trades a (harmless) debug warning against a potential deadlock or 
> even a crash, because print_fatal_signal() can do this:
> 
>                         __get_user(insn, (unsigned char *)(regs->ip + i));
> 
> which will work without a fault most of the time but might also generate a 
> pagefault and schedule away from atomic context.

Ouch!

> So please add preempt_disable()+preempt_enable() calls around the 
> show_regs() call instead.

Take 2:

With print-fatal-signals=1 on a kernel with CONFIG_PREEMPT=y, sending an
unexpected signal to a process causes a BUG: using smp_processor_id() in
preemptible code.

get_signal_to_deliver() releases the siglock before calling
print_fatal_signal(), which calls show_regs(), which calls
smp_processor_id(), which is not supposed to be called from a
preemptible thread.

Signed-off-by: Ed Swierk <eswierk@...stanetworks.com>

---
Index: linux-2.6.27.4/kernel/signal.c
===================================================================
--- linux-2.6.27.4.orig/kernel/signal.c
+++ linux-2.6.27.4/kernel/signal.c
@@ -890,7 +890,9 @@ static void print_fatal_signal(struct pt
 	}
 #endif
 	printk("\n");
+	preempt_disable();
 	show_regs(regs);
+	preempt_enable();
 }
 
 static int __init setup_print_fatal_signals(char *str)


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ