lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAOMGZ=HUNTxBOjNkP+HtD1q-yk0sOBUoMJeCu=0cKOrc8coezQ@mail.gmail.com>
Date:   Sun, 21 Aug 2016 14:10:07 +0200
From:   Vegard Nossum <vegard.nossum@...il.com>
To:     Thomas Gleixner <tglx@...utronix.de>,
        Stephane Eranian <eranian@...gle.com>,
        Vince Weaver <vincent.weaver@...ne.edu>,
        Ingo Molnar <mingo@...nel.org>,
        David Carrillo-Cisneros <davidcc@...gle.com>,
        Peter Zijlstra <peterz@...radead.org>,
        "H. Peter Anvin" <hpa@...or.com>, Kan Liang <kan.liang@...el.com>,
        Arnaldo Carvalho de Melo <acme@...hat.com>,
        Paul Turner <pjt@...gle.com>,
        "Vegard/gmail" <vegard.nossum@...il.com>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        jolsa@...hat.com, LKML <linux-kernel@...r.kernel.org>,
        Alexander Shishkin <alexander.shishkin@...ux.intel.com>
Cc:     linux-tip-commits@...r.kernel.org
Subject: Re: [tip:perf/core] perf/core: Check return value of the
 perf_event_read() IPI

On 18 August 2016 at 12:52, tip-bot for David Carrillo-Cisneros
<tipbot@...or.com> wrote:
> Commit-ID:  71e7bc2bab77e64882c031c2af943c3256c1adb0
> Gitweb:     http://git.kernel.org/tip/71e7bc2bab77e64882c031c2af943c3256c1adb0
> Author:     David Carrillo-Cisneros <davidcc@...gle.com>
> AuthorDate: Wed, 17 Aug 2016 13:55:04 -0700
> Committer:  Ingo Molnar <mingo@...nel.org>
> CommitDate: Thu, 18 Aug 2016 10:35:52 +0200
>
> perf/core: Check return value of the perf_event_read() IPI
>
> The call to smp_call_function_single in perf_event_read() may fail if
> an invalid or not online CPU index is passed. Warn user if such bug is
> present and return error.
>
> Signed-off-by: David Carrillo-Cisneros <davidcc@...gle.com>
> Signed-off-by: Peter Zijlstra (Intel) <peterz@...radead.org>
> Cc: Alexander Shishkin <alexander.shishkin@...ux.intel.com>
> Cc: Arnaldo Carvalho de Melo <acme@...hat.com>
> Cc: Jiri Olsa <jolsa@...hat.com>
> Cc: Kan Liang <kan.liang@...el.com>
> Cc: Linus Torvalds <torvalds@...ux-foundation.org>
> Cc: Paul Turner <pjt@...gle.com>
> Cc: Peter Zijlstra <peterz@...radead.org>
> Cc: Stephane Eranian <eranian@...gle.com>
> Cc: Thomas Gleixner <tglx@...utronix.de>
> Cc: Vegard Nossum <vegard.nossum@...il.com>
> Cc: Vince Weaver <vincent.weaver@...ne.edu>
> Link: http://lkml.kernel.org/r/1471467307-61171-2-git-send-email-davidcc@google.com
> Signed-off-by: Ingo Molnar <mingo@...nel.org>
> ---
>  kernel/events/core.c | 7 ++++---
>  1 file changed, 4 insertions(+), 3 deletions(-)
>
> diff --git a/kernel/events/core.c b/kernel/events/core.c
> index a5fc5c8..5650f53 100644
> --- a/kernel/events/core.c
> +++ b/kernel/events/core.c
> @@ -3549,9 +3549,10 @@ static int perf_event_read(struct perf_event *event, bool group)
>                         .group = group,
>                         .ret = 0,
>                 };
> -               smp_call_function_single(event->oncpu,
> -                                        __perf_event_read, &data, 1);
> -               ret = data.ret;
> +               ret = smp_call_function_single(event->oncpu, __perf_event_read, &data, 1);
> +               /* The event must have been read from an online CPU: */
> +               WARN_ON_ONCE(ret);
> +               ret = ret ? : data.ret;
>         } else if (event->state == PERF_EVENT_STATE_INACTIVE) {
>                 struct perf_event_context *ctx = event->ctx;
>                 unsigned long flags;

Hi,

I'm running into this new warning now:

------------[ cut here ]------------
WARNING: CPU: 0 PID: 23442 at kernel/events/core.c:3554
perf_event_read+0x472/0x590
Kernel panic - not syncing: panic_on_warn set ...

CPU: 0 PID: 23442 Comm: syz-executor Not tainted 4.8.0-rc2+ #145
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
rel-1.9.3-0-ge2fc41e-prebuilt.qemu-project.org 04/01/2014
0000000000000000 ffff88010d1bf808 ffffffff81f9f201 ffffffff83e72d60
ffff88010d1bf8e0 ffffffff83ecbd00 ffffffff847070c0 ffff88010d1bf8d0
ffffffff8150538a 0000000041b58ab3 ffffffff844dc5dd ffffffff815051a7
Call Trace:
[<ffffffff81f9f201>] dump_stack+0x83/0xb2
[<ffffffff8150538a>] panic+0x1e3/0x3a1
[<ffffffff815051a7>] ? set_ti_thread_flag+0x1e/0x1e
[<ffffffff81505a58>] ? rt_mutex_top_waiter.part.10+0x6/0x6
[<ffffffff813dd140>] ? generic_exec_single+0xf0/0x2d0
[<ffffffff814d86a2>] ? perf_event_read+0x472/0x590
[<ffffffff8126df4f>] __warn+0x1bf/0x1e0
[<ffffffff8126e13c>] warn_slowpath_null+0x2c/0x40
[<ffffffff814d86a2>] perf_event_read+0x472/0x590
[<ffffffff814d8230>] ? perf_event_set_addr_filter+0xad0/0xad0
[<ffffffff814d74fd>] ? perf_event_ctx_lock_nested+0xdd/0x1e0
[<ffffffff814e8aa4>] perf_event_read_value+0x84/0x520
[<ffffffff814d75bc>] ? perf_event_ctx_lock_nested+0x19c/0x1e0
[<ffffffff814d745b>] ? perf_event_ctx_lock_nested+0x3b/0x1e0
[<ffffffff814e9383>] perf_read+0x443/0x8d0
[<ffffffff814e8f40>] ? perf_event_read_value+0x520/0x520
[<ffffffff81e5ae62>] ? common_file_perm+0x2e2/0x380
[<ffffffff816709a2>] do_loop_readv_writev+0x152/0x200
[<ffffffff81d935f6>] ? security_file_permission+0x86/0x1e0
[<ffffffff814e8f40>] ? perf_event_read_value+0x520/0x520
[<ffffffff814e8f40>] ? perf_event_read_value+0x520/0x520
[<ffffffff81673174>] do_readv_writev+0x614/0x700
[<ffffffff81672b60>] ? rw_verify_area+0x2b0/0x2b0
[<ffffffff814d7342>] ? put_ctx+0x22/0x100
[<ffffffff816d16f1>] ? __fget+0x1c1/0x270
[<ffffffff816d1577>] ? __fget+0x47/0x270
[<ffffffff81676d5b>] vfs_readv+0x8b/0xc0
[<ffffffff81676e6e>] do_readv+0xde/0x230
[<ffffffff81676d90>] ? vfs_readv+0xc0/0xc0
[<ffffffff81002b60>] ? exit_to_usermode_loop+0x190/0x190
[<ffffffff82001b07>] ? check_preemption_disabled+0x37/0x1e0
[<ffffffff81677617>] SyS_readv+0x27/0x30
[<ffffffff816775f0>] ? do_pwritev+0x1a0/0x1a0
[<ffffffff81005524>] do_syscall_64+0x1c4/0x4e0
[<ffffffff83c3286a>] entry_SYSCALL64_slow_path+0x25/0x25

I don't think WARN() is the right interface for signalling errors to
userspace programs?


Vegard

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ