| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <DE8DF0795D48FD4CA783C40EC8292335221654@SHSMSX101.ccr.corp.intel.com>
Date: Fri, 8 Jun 2012 09:37:06 +0000
From: "Liu, Jinsong" <jinsong.liu@...el.com>
To: Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
CC: Borislav Petkov <bp@...64.org>, "Luck, Tony" <tony.luck@...el.com>,
"'xen-devel@...ts.xensource.com'" <xen-devel@...ts.xensource.com>,
"'linux-kernel@...r.kernel.org'" <linux-kernel@...r.kernel.org>
Subject: [PATCH] xen/mce: Add mutex lock and buffer to avoid sleep in atomic
context
>From a9c5f29330a056291356b912816b5b2e0e061a30 Mon Sep 17 00:00:00 2001
From: Liu, Jinsong <jinsong.liu@...el.com>
Date: Sat, 9 Jun 2012 00:56:46 +0800
Subject: [PATCH] xen/mce: Add mutex lock and buffer to avoid sleep in atomic context
copy_to_user might sleep and print a stack trace if it is executed
in an atomic spinlock context. This patch add a mutex lock and a
buffer to avoid the case.
Reported-by: Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
Signed-off-by: Liu, Jinsong <jinsong.liu@...el.com>
---
drivers/xen/mcelog.c | 20 ++++++++++++++++----
1 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/drivers/xen/mcelog.c b/drivers/xen/mcelog.c
index 72e87d2..4046f01 100644
--- a/drivers/xen/mcelog.c
+++ b/drivers/xen/mcelog.c
@@ -56,12 +56,14 @@ static struct mcinfo_logical_cpu *g_physinfo;
static uint32_t ncpus;
static DEFINE_SPINLOCK(mcelog_lock);
+static DEFINE_MUTEX(xen_mce_chrdev_read_mutex);
static struct xen_mce_log xen_mcelog = {
.signature = XEN_MCE_LOG_SIGNATURE,
.len = XEN_MCE_LOG_LEN,
.recordlen = sizeof(struct xen_mce),
};
+static struct xen_mce_log xen_mcelog_u;
static DEFINE_SPINLOCK(xen_mce_chrdev_state_lock);
static int xen_mce_chrdev_open_count; /* #times opened */
@@ -99,6 +101,10 @@ static int xen_mce_chrdev_release(struct inode *inode, struct file *file)
return 0;
}
+/*
+ * copy_to_user might sleep and print a stack trace
+ * if it is executed in an atomic spinlock context
+ */
static ssize_t xen_mce_chrdev_read(struct file *filp, char __user *ubuf,
size_t usize, loff_t *off)
{
@@ -106,9 +112,15 @@ static ssize_t xen_mce_chrdev_read(struct file *filp, char __user *ubuf,
unsigned num;
int i, err;
+ mutex_lock(&xen_mce_chrdev_read_mutex);
+
spin_lock(&mcelog_lock);
+ memcpy(&xen_mcelog_u, &xen_mcelog, sizeof(struct xen_mce_log));
num = xen_mcelog.next;
+ memset(xen_mcelog.entry, 0, num * sizeof(struct xen_mce));
+ xen_mcelog.next = 0;
+ spin_unlock(&mcelog_lock);
/* Only supports full reads right now */
err = -EINVAL;
@@ -117,20 +129,20 @@ static ssize_t xen_mce_chrdev_read(struct file *filp, char __user *ubuf,
err = 0;
for (i = 0; i < num; i++) {
- struct xen_mce *m = &xen_mcelog.entry[i];
+ struct xen_mce *m = &xen_mcelog_u.entry[i];
err |= copy_to_user(buf, m, sizeof(*m));
buf += sizeof(*m);
}
- memset(xen_mcelog.entry, 0, num * sizeof(struct xen_mce));
- xen_mcelog.next = 0;
+ memset(xen_mcelog_u.entry, 0, num * sizeof(struct xen_mce));
+ xen_mcelog_u.next = 0;
if (err)
err = -EFAULT;
out:
- spin_unlock(&mcelog_lock);
+ mutex_unlock(&xen_mce_chrdev_read_mutex);
return err ? err : buf - ubuf;
}
--
1.7.1
Download attachment "0001-xen-mce-Add-mutex-lock-and-buffer-to-avoid-sleep-in-.patch" of type "application/octet-stream" (2676 bytes)
Powered by blists - more mailing lists