lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 5 May 2020 15:00:34 -0400
From:   Qian Cai <cai@....pw>
To:     "Paul E. McKenney" <paulmck@...nel.org>
Cc:     Al Viro <viro@...IV.linux.org.uk>,
        LKML <linux-kernel@...r.kernel.org>,
        linux-fsdevel@...r.kernel.org
Subject: Re: splice() rcu_sched self-detected stall on CPU



> On May 5, 2020, at 2:57 PM, Paul E. McKenney <paulmck@...nel.org> wrote:
> 
> On Mon, May 04, 2020 at 03:11:09PM -0400, Qian Cai wrote:
>> Running a syscall fuzzer inside a container on linux-next floods systems with soft lockups. It looks like stuck in this line at iov_iter_copy_from_user_atomic(), Thoughts?
>> 
>> iterate_all_kinds(i, bytes, v,
>>                copyin((p += v.iov_len) - v.iov_len, v.iov_base, v.iov_len),
>>                memcpy_from_page((p += v.bv_len) - v.bv_len, v.bv_page,
>>                                 v.bv_offset, v.bv_len),
>>                memcpy((p += v.iov_len) - v.iov_len, v.iov_base, v.iov_len)
>>        )
> 
> If the size being copied is large enough, something like this might happen.
> 
> Is this a CONFIG_PREEMPT=n kernel?  And is the size passed in to

Yes, CONFIG_PREEMPT=n.

> iov_iter_copy_from_user_atomic() quite large, given that this is generated
> by a fuzzer?  If so, one thing to try is to add cond_resched() in the
> iterate_bvec(), iterate_kvec(), and iterate_iovec() macros.

I’ll try that.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ