lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sun, 3 Aug 2014 05:03:45 -0700
From:	Aleksei Besogonov <alex.besogonov@...il.com>
To:	Oleg Nesterov <oleg@...hat.com>
Cc:	David Rientjes <rientjes@...gle.com>, linux-kernel@...r.kernel.org
Subject: Re: Soft lockups during reading /proc/PID/smaps

On 02 Aug 2014, at 11:19, Oleg Nesterov <oleg@...hat.com> wrote:
> On 07/31, Aleksei Besogonov wrote:
>> 
>> On 31 Jul 2014, at 00:43, David Rientjes <rientjes@...gle.com> wrote:
>> 
>>> The while_each_thread() in vm_is_stack() looks suspicious since the task
>>> isn't current and rcu won't protect the iteration, and we also don't hold
>>> sighand lock or a readlock on tasklist_lock.
>>> I think Oleg will know how to proceed, cc'd.
>> I’m attaching a minimal test case that can reproduce the issue. Works in 100% cases on any system I’ve tried.
> Thanks. I think David is right and we need the simple patch below.
> This reminds me I should kill while_each_thread :/
> Any chance you can test it? If not, I will do this later and send
> the patch if it helps.
Thanks, it works on the rc7 kernel.

I can make a backported version for earlier kernels if nobody else is interested.

> 
> Oleg.
> 
> --- x/mm/util.c
> +++ x/mm/util.c
> @@ -277,17 +277,14 @@ pid_t vm_is_stack(struct task_struct *ta
> 
> 	if (in_group) {
> 		struct task_struct *t;
> -		rcu_read_lock();
> -		if (!pid_alive(task))
> -			goto done;
> 
> -		t = task;
> -		do {
> +		rcu_read_lock();
> +		for_each_thread(task, t) {
> 			if (vm_is_stack_for_task(t, vma)) {
> 				ret = t->pid;
> 				goto done;
> 			}
> -		} while_each_thread(task, t);
> +		}
> done:
> 		rcu_read_unlock();
> 	}
> 

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ