lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 27 Mar 2012 10:05:10 -0400
From:	Jason Baron <jbaron@...hat.com>
To:	"Yurij M. Plotnikov" <Yurij.Plotnikov@...etlabs.ru>
Cc:	linux-kernel@...r.kernel.org,
	"Alexandra N. Kossovsky" <Alexandra.Kossovsky@...etlabs.ru>,
	akpm@...ux-foundation.org
Subject: Re: Dead circle in epoll file descriptor causes soft lockup on
 kernel 3.2.12

On Tue, Mar 27, 2012 at 11:51:16AM +0400, Yurij M. Plotnikov wrote:
> Adding epoll file descriptors in each other in circle causes soft
> lockup on kernel 3.2.12 (I'm using Debian kernel
> 3.2.0-0.bpo.1-amd64). The following steps describe the problem:
> 
> 1. epoll_create(1) -> 3
> 2. epoll_create(1) -> 4
> 3. socket(SOCK_STREAM) -> 5
> 4. bind(5, 0.0.0.0:0) -> 0
> 5. listen(5, 1) -> 0
> 6. epoll_ctl(3, ADD, 5, events = 0) -> 0
> 7. epoll_ctl(3, ADD, 4, events = EPOLLIN) -> 0
> 8. epoll_ctl(4, ADD, 3, events = EPOLLIN) -> -1(ELOOP)
> 9. close(3) -> 0
> 10. close(4) -> 0
> 11. close(5) -> 0
> 
> After repetaing this sequence 2-3 times soft lockup appers. In
> attachment c program to reproduce this problem.
> 

Good catch. The patch below should fix this - please verify. Thanks.


Make sure we clear the tfile_check_list on error.

Signed-off-by: Jason Baron <jbaron@...hat.com>
---
 fs/eventpoll.c |    4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)

diff --git a/fs/eventpoll.c b/fs/eventpoll.c
index c33b347..9af6e18 100644
--- a/fs/eventpoll.c
+++ b/fs/eventpoll.c
@@ -1652,8 +1652,10 @@ SYSCALL_DEFINE4(epoll_ctl, int, epfd, int, op, int, fd,
 	if (op == EPOLL_CTL_ADD) {
 		if (is_file_epoll(tfile)) {
 			error = -ELOOP;
-			if (ep_loop_check(ep, tfile) != 0)
+			if (ep_loop_check(ep, tfile) != 0) {
+				clear_tfile_check_list();
 				goto error_tgt_fput;
+			}
 		} else
 			list_add(&tfile->f_tfile_llink, &tfile_check_list);
 	}
-- 
1.7.7.6

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ