Date:   Fri, 16 Sep 2016 08:05:20 -0500
From:   Josh Poimboeuf <jpoimboe@...hat.com>
To:     Ingo Molnar <mingo@...nel.org>
Cc:     tip-bot for Andy Lutomirski <tipbot@...or.com>,
        linux-tip-commits@...r.kernel.org, luto@...nel.org, hpa@...or.com,
        dvlasenk@...hat.com, linux-kernel@...r.kernel.org, jann@...jh.net,
        peterz@...radead.org, torvalds@...ux-foundation.org,
        brgerst@...il.com, tglx@...utronix.de, bp@...en8.de
Subject: [PATCH] x86/dumpstack: remove NULL task pointer convention

On Fri, Sep 16, 2016 at 02:57:54PM +0200, Ingo Molnar wrote:
> 
> * Josh Poimboeuf <jpoimboe@...hat.com> wrote:
> 
> > On Fri, Sep 16, 2016 at 06:55:57AM -0500, Josh Poimboeuf wrote:
> > > On Fri, Sep 16, 2016 at 02:17:46AM -0700, tip-bot for Andy Lutomirski wrote:
> > > > Commit-ID:  1959a60182f48879635812a03a99c02231ea8677
> > > > Gitweb:     http://git.kernel.org/tip/1959a60182f48879635812a03a99c02231ea8677
> > > > Author:     Andy Lutomirski <luto@...nel.org>
> > > > AuthorDate: Thu, 15 Sep 2016 22:45:45 -0700
> > > > Committer:  Ingo Molnar <mingo@...nel.org>
> > > > CommitDate: Fri, 16 Sep 2016 09:18:53 +0200
> > > > 
> > > > x86/dumpstack: Pin the target stack when dumping it
> > > > 
> > > > Specifically, pin the stack in save_stack_trace_tsk() and
> > > > show_trace_log_lvl().
> > > > 
> > > > This will prevent a crash if the target task dies before or while
> > > > dumping its stack once we start freeing task stacks early.
> > > 
> > > This causes a hang:
> > 
> > The problem is that show_stack_log_lvl() can be called with a NULL
> > task_struct pointer to indicate 'current'.
> 
> Could you please send a quick fix that addresses the hang by turning the NULL into 
> 'current' or so?
> 
> > No idea why that convention exists -- IMO we should just require the
> > caller to pass 'current' directly.
> 
> For hysterical raisins I believe. It appears just a single caller passes 
> non-current. Feel free to change this.

I've verified that this fixes it.  It can be applied before Andy's patch
(or after if you don't want to rebase).

---

From: Josh Poimboeuf <jpoimboe@...hat.com>
Subject: [PATCH] x86/dumpstack: remove NULL task pointer convention

show_stack_log_lvl() and friends allow a NULL pointer for the
task_struct to indicate the current task.  This creates confusion and
can cause sneaky bugs.

Instead require the caller to pass 'current' directly.

This only changes the internal workings of the dumpstack code.  The
dump_trace() and show_stack() interfaces still allow a NULL task
pointer.  Those interfaces should also probably be fixed as well.

Signed-off-by: Josh Poimboeuf <jpoimboe@...hat.com>
---
 arch/x86/include/asm/stacktrace.h | 4 ++--
 arch/x86/kernel/dumpstack.c       | 4 +++-
 arch/x86/kernel/dumpstack_32.c    | 2 +-
 arch/x86/kernel/dumpstack_64.c    | 2 +-
 4 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/arch/x86/include/asm/stacktrace.h b/arch/x86/include/asm/stacktrace.h
index 780a83e..ed2be1b 100644
--- a/arch/x86/include/asm/stacktrace.h
+++ b/arch/x86/include/asm/stacktrace.h
@@ -94,7 +94,7 @@ get_frame_pointer(struct task_struct *task, struct pt_regs *regs)
 	if (regs)
 		return (unsigned long *)regs->bp;
 
-	if (!task || task == current)
+	if (task == current)
 		return __builtin_frame_address(0);
 
 	return (unsigned long *)((struct inactive_task_frame *)task->thread.sp)->bp;
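Review bot: dropping `!task ||` from the `if (!task || task == current)` check in get_frame_pointer() turns a NULL task from "means current" into a NULL dereference at `task->thread.sp` on the fall-through line, and the commit message itself says dump_trace() and show_stack() still accept NULL. Until those interfaces are converted, a `WARN_ON_ONCE(!task)` or at least a comment stating the new precondition here would make a stale caller produce a warning instead of a second oops inside the oops-reporting path.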
@@ -113,7 +113,7 @@ get_stack_pointer(struct task_struct *task, struct pt_regs *regs)
 	if (regs)
 		return (unsigned long *)kernel_stack_pointer(regs);
 
-	if (!task || task == current)
+	if (task == current)
 		return __builtin_frame_address(0);
 
 	return (unsigned long *)task->thread.sp;
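Review bot: same concern as get_frame_pointer() above: with `!task ||` removed, a NULL task reaches `return (unsigned long *)task->thread.sp;`. Both helpers now share the same contract, so a one-line comment above each ("task must be non-NULL; pass current for the running task") would document it in the header where callers actually look.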
diff --git a/arch/x86/kernel/dumpstack.c b/arch/x86/kernel/dumpstack.c
index aa208e5..e0648f7 100644
--- a/arch/x86/kernel/dumpstack.c
+++ b/arch/x86/kernel/dumpstack.c
@@ -175,11 +175,13 @@ void show_stack(struct task_struct *task, unsigned long *sp)
 {
 	unsigned long bp = 0;
 
+	task = task ? : current;
+
 	/*
 	 * Stack frames below this one aren't interesting.  Don't show them
 	 * if we're printing for %current.
 	 */
-	if (!sp && (!task || task == current)) {
+	if (!sp && task == current) {
 		sp = get_stack_pointer(current, NULL);
 		bp = (unsigned long)get_frame_pointer(current, NULL);
 	}
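Review bot: `task = task ? : current;` is the GNU `?:` extension written with a space inside the operator, which is legal but easy to misread as a typo; since show_stack() is the exported entry point that still accepts NULL per the commit message, `if (!task) task = current;` states the normalization plainly. With that normalization in place the simplified `if (!sp && task == current)` is correct, and the two `get_*_pointer(current, NULL)` calls inside the branch could pass `task` now that the two are known to be equal.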
diff --git a/arch/x86/kernel/dumpstack_32.c b/arch/x86/kernel/dumpstack_32.c
index 2d65cfa..ded285c 100644
--- a/arch/x86/kernel/dumpstack_32.c
+++ b/arch/x86/kernel/dumpstack_32.c
@@ -200,7 +200,7 @@ void show_regs(struct pt_regs *regs)
 		u8 *ip;
 
 		pr_emerg("Stack:\n");
-		show_stack_log_lvl(NULL, regs, NULL, 0, KERN_EMERG);
+		show_stack_log_lvl(current, regs, NULL, 0, KERN_EMERG);
 
 		pr_emerg("Code:");
 
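Review bot: passing `current` explicitly is the right replacement in show_regs(), which is reached from exception handlers for the task whose registers are in `regs`, so show_stack_log_lvl() no longer has to translate NULL on this path. Side note visible in these lines: the 32-bit show_regs() prints with KERN_EMERG while the 64-bit counterpart below uses KERN_DEFAULT; that inconsistency predates this patch, but it is worth a follow-up since both are the same oops output.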
diff --git a/arch/x86/kernel/dumpstack_64.c b/arch/x86/kernel/dumpstack_64.c
index 8cb6004..4fac236 100644
--- a/arch/x86/kernel/dumpstack_64.c
+++ b/arch/x86/kernel/dumpstack_64.c
@@ -273,7 +273,7 @@ void show_regs(struct pt_regs *regs)
 		u8 *ip;
 
 		printk(KERN_DEFAULT "Stack:\n");
-		show_stack_log_lvl(NULL, regs, NULL, 0, KERN_DEFAULT);
+		show_stack_log_lvl(current, regs, NULL, 0, KERN_DEFAULT);
 
 		printk(KERN_DEFAULT "Code: ");
 
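Review bot: mechanically identical to the 32-bit change and fine as such. Since the diffstat covers only these four call sites, the commit message should say whether show_stack_log_lvl() now has no remaining NULL callers (Ingo noted above that a single caller passes non-current), or the function should gain a `WARN_ON_ONCE(!task)` at entry as a safety net while dump_trace() and show_stack() still accept NULL.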
-- 
2.7.4