Message-Id: <201108011541.59640.richard@nod.at>
Date:	Mon, 1 Aug 2011 15:41:59 +0200
From:	Richard Weinberger <richard@....at>
To:	segoon@...nwall.com
Cc:	serge.hallyn@...onical.com, torvalds@...ux-foundation.org,
	akpm@...ux-foundation.org, linux-kernel@...r.kernel.org,
	user-mode-linux-devel@...ts.sourceforge.net, toralf.foerster@....de
Subject: shm updates broke UML

Vasiliy,

5774ed01 (shm: handle separate PID namespaces case)
b34a6b1d (ipc: introduce shm_rmid_forced sysctl)
4c677e2e (shm: optimize locking and ipc_namespace getting)

broke UML on i386.
It crashes with SIGSEGV while starting up.
exit_shm() seems to be the evildoer.

Reverting all three patches makes UML work again.

Commit 5774ed01 removed the !ns->shm_rmid_forced check, maybe this is wrong?
The attached patch cures the problem, but I'm sure it's wrong. 8)

---cut---
#13 0x08067efb in hard_handler (sig=11) at arch/um/os-Linux/sys-i386/signal.c:12
#14 <signal handler called>
#15 __list_add (sem=0x824cc98, subclass=0) at include/linux/list.h:44
#16 list_add_tail (sem=0x824cc98, subclass=0) at include/linux/list.h:76
#17 __down_write_nested (sem=0x824cc98, subclass=0) at lib/rwsem-spinlock.c:232
#18 0x081c7ba1 in __down_write (sem=0x824cc98) at lib/rwsem-spinlock.c:252
#19 0x081c74a3 in down_write (sem=0x824cc98) at kernel/rwsem.c:51
#20 0x08139913 in exit_shm (task=0x9c73b60) at ipc/shm.c:308
#21 0x08075649 in do_exit (code=0) at kernel/exit.c:983
#22 0x08081dd2 in ____call_usermodehelper (data=0x9c6bce0) at kernel/kmod.c:187
#23 0x08065c18 in run_kernel_thread (fn=0x8081ce4 <____call_usermodehelper>, arg=0x9c6bce0, 
jmp_ptr=0x9c73d94)
    at arch/um/os-Linux/process.c:268
#24 0x080588cb in new_thread_handler () at arch/um/kernel/process.c:153
#25 0x00000000 in ?? ()
---cut---

Not-Signed-off-by: Richard Weinberger <richard@....at>
---
diff --git a/ipc/shm.c b/ipc/shm.c
index 9fb044f3b..2196a0d 100644
--- a/ipc/shm.c
+++ b/ipc/shm.c
@@ -304,6 +304,9 @@ void exit_shm(struct task_struct *task)
 {
 	struct ipc_namespace *ns = task->nsproxy->ipc_ns;
 
+	if(!ns->shm_rmid_forced)
+		return;
+
 	/* Destroy all already created segments, but not mapped yet */
 	down_write(&shm_ids(ns).rw_mutex);
 	if (&shm_ids(ns).in_use)
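
Review bot: The early return on `!ns->shm_rmid_forced` at the top of exit_shm() only avoids the faulting down_write() while the sysctl is 0; with shm_rmid_forced set to 1 the same `down_write(&shm_ids(ns).rw_mutex)` is still reached from do_exit() in the ____call_usermodehelper thread shown in the backtrace, so the crash would be expected to return. The fault is inside __list_add on the rwsem itself, which suggests the problem is the state of `ns` or its rw_mutex for this task rather than the sysctl value, and that is what should be checked before the lock is taken. Separately, the context line `if (&shm_ids(ns).in_use)` tests an address and is therefore always true; if the intent is to skip the walk when no segments are in use, it should read `if (shm_ids(ns).in_use)`. Style: kernel coding style wants a space after `if` in `if(!ns->shm_rmid_forced)`.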