| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 7 Jul 2015 13:06:33 -0700 From: tip-bot for Thomas Gleixner <tipbot@...or.com> To: linux-tip-commits@...r.kernel.org Cc: bp@...e.de, hpa@...or.com, tglx@...utronix.de, jroedel@...e.de, peterz@...radead.org, jin.xiao@...el.com, linux-kernel@...r.kernel.org, yanmin_zhang@...ux.intel.com, mingo@...nel.org Subject: [tip:irq/urgent] hotplug: Prevent alloc/ free of irq descriptors during cpu up/down Commit-ID: bdcbafe3402cb337752c4c8bce3445ee4c5559a5 Gitweb: http://git.kernel.org/tip/bdcbafe3402cb337752c4c8bce3445ee4c5559a5 Author: Thomas Gleixner <tglx@...utronix.de> AuthorDate: Sun, 5 Jul 2015 17:12:30 +0000 Committer: Thomas Gleixner <tglx@...utronix.de> CommitDate: Tue, 7 Jul 2015 22:03:22 +0200 hotplug: Prevent alloc/free of irq descriptors during cpu up/down When a cpu goes up some architectures (e.g. x86) have to walk the irq space to set up the vector space for the cpu. While this needs extra protection at the architecture level we can avoid a few race conditions by preventing the concurrent allocation/free of irq descriptors and the associated data. When a cpu goes down it moves the interrupts which are targeted to this cpu away by reassigning the affinities. While this happens interrupts can be allocated and freed, which opens a can of race conditions in the code which reassignes the affinities because interrupt descriptors might be freed underneath. Example: CPU1 CPU2 cpu_up/down irq_desc = irq_to_desc(irq); remove_from_radix_tree(desc); raw_spin_lock(&desc->lock); free(desc); We could protect the irq descriptors with RCU, but that would require a full tree change of all accesses to interrupt descriptors. But fortunately these kind of race conditions are rather limited to a few things like cpu hotplug. The normal setup/teardown is very well serialized. So the simpler and obvious solution is: Prevent allocation and freeing of interrupt descriptors accross cpu hotplug. Signed-off-by: Thomas Gleixner <tglx@...utronix.de> Acked-by: Peter Zijlstra <peterz@...radead.org> Cc: xiao jin <jin.xiao@...el.com> Cc: Joerg Roedel <jroedel@...e.de> Cc: Borislav Petkov <bp@...e.de> Cc: Yanmin Zhang <yanmin_zhang@...ux.intel.com> Link: http://lkml.kernel.org/r/20150705171102.063519515@linutronix.de --- kernel/cpu.c | 1 + 1 file changed, 1 insertion(+) diff --git a/kernel/cpu.c b/kernel/cpu.c index fa6dc67..6a37454 100644 --- a/kernel/cpu.c +++ b/kernel/cpu.c @@ -21,6 +21,7 @@ #include <linux/suspend.h> #include <linux/lockdep.h> #include <linux/tick.h> +#include <linux/irq.h> #include <trace/events/power.h> #include "smpboot.h" -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists