lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CAOsG7to=Ap9O0vbJGSbC72fyDBa6dzBxvwBYqCJiB=GVnu=S4A@mail.gmail.com>
Date:	Thu, 3 May 2012 15:59:41 -0700
From:	Hyungwoo Yang <hwoo.yang@...il.com>
To:	linux-kernel@...r.kernel.org
Subject: process migration during vfp_init() generates kernel crash

Hello,

I think I've found a bug but actually I'm not sure whether it only
happens to me due to our changes in kernel.

In vfp_init() in "arch/arm/vfp/vfpmodule.c", if there is process
migration between vfp_enable() and smp_call_function() then kernel
crashes.

===== original code =====

	if (cpu_arch >= CPU_ARCH_ARMv6)
		vfp_enable(NULL); <== if migration happens just after
vfp_enable(NULL), kernel crashes.
                  :
                  :
        vfpsid = fmrx(FPSID); <== if migration happens, read tries to
access disbled VFP unit.
                  :
                  :
       if (VFP_arch)
		printk("not present\n");
	else if (vfpsid & FPSID_NODOUBLE) {
		printk("no double precision support\n");
	} else {
		hotcpu_notifier(vfp_hotplug, 0);

		smp_call_function(vfp_enable, NULL, 1); <== if migration happens,
smp_call_function will not work as it is expected.
=======================

Do you have any opinion?


There're a few ways of preventing migration (like set affinity or
disable premption) but the following is one of the way.

====== modified code =====
/*
 * VFP support code initialisation.
 */
static int __init vfp_init(void)
{
	unsigned int vfpsid;
	unsigned int cpu_arch = cpu_architecture();
#ifdef CONFIG_SMP
	preempt_disable(); <== disable preemption !!!!!!
#endif
	if (cpu_arch >= CPU_ARCH_ARMv6)
		vfp_enable(NULL);

	/*
	 * First check that there is a VFP that we can use.
	 * The handler is already setup to just log calls, so
	 * we just need to read the VFPSID register.
	 */
	vfp_vector = vfp_testing_entry;
	barrier();
	vfpsid = fmrx(FPSID);
	barrier();
	vfp_vector = vfp_null_entry;
#ifdef CONFIG_SMP
	preempt_enable(); <== enable preemption  !!!!!!
#endif

	printk(KERN_INFO "VFP support v0.3: ");
	if (VFP_arch)
		printk("not present\n");
	else if (vfpsid & FPSID_NODOUBLE) {
		printk("no double precision support\n");
	} else {
		hotcpu_notifier(vfp_hotplug, 0);

		on_each_cpu(vfp_enable, NULL, 1); <== call on_each_cpu() instead of
smp_call_function() !!!!!!
                                :
                                :		
                                :
	}
	return 0;
}
=====================================================

- Hyungwoo Yang
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ