lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 21 Sep 2022 09:21:50 -0400
From:   Waiman Long <longman@...hat.com>
To:     Peter Zijlstra <peterz@...radead.org>,
        Ingo Molnar <mingo@...hat.com>, Will Deacon <will@...nel.org>,
        Boqun Feng <boqun.feng@...il.com>,
        Steven Rostedt <rostedt@...dmis.org>
Cc:     linux-kernel@...r.kernel.org, Waiman Long <longman@...hat.com>
Subject: [PATCH 0/2] locking, tracing: Fix incorrect use of arch_spin_lock()

It is found that running the LTP read_all_proc test may cause the
following warning to show up:

[12512.905036] BUG: using smp_processor_id() in preemptible [00000000] code: read_all/133711
[12512.913499] caller is __pv_queued_spin_lock_slowpath+0x7f/0xd30
[12512.921163] CPU: 3 PID: 133711 Comm: read_all Kdump: loaded Tainted: G           OE    --------- ---  5.14.0-163.el9.x86_64+debug #1
[12512.936652] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[12512.944213] Call Trace:
[12512.950660]  dump_stack_lvl+0x57/0x81
[12512.957400]  check_preemption_disabled+0xcc/0xd0
[12512.964487]  __pv_queued_spin_lock_slowpath+0x7f/0xd30
[12512.971552]  ? pv_hash+0x110/0x110
[12512.978119]  ? __lock_acquire+0xb72/0x1870
[12512.984683]  tracing_saved_cmdlines_size_read+0x177/0x190
[12512.991655]  ? saved_cmdlines_start+0x2c0/0x2c0
[12512.998355]  ? inode_security+0x54/0xf0
[12513.004548]  ? selinux_file_permission+0x324/0x420
[12513.011185]  ? lock_downgrade+0x130/0x130
[12513.017423]  ? fsnotify_perm.part.0+0x14a/0x4c0
[12513.023715]  vfs_read+0x126/0x4d0
[12513.029432]  ksys_read+0xf9/0x1d0
[12513.035131]  ? __ia32_sys_pwrite64+0x1e0/0x1e0
[12513.041028]  ? ktime_get_coarse_real_ts64+0x130/0x170
[12513.047167]  do_syscall_64+0x59/0x90
[12513.052656]  ? lockdep_hardirqs_on+0x79/0x100
[12513.058268]  ? do_syscall_64+0x69/0x90
[12513.063593]  ? lockdep_hardirqs_on+0x79/0x100
[12513.069022]  ? do_syscall_64+0x69/0x90
[12513.074137]  ? lockdep_hardirqs_on+0x79/0x100
[12513.079533]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[12513.085015] RIP: 0033:0x7f93f09d38c2

So tracing_saved_cmdlines_size_read() does call arch_spin_lock() with
preemption enabled. Looking at other arch_spin_lock() call sites in
kernel/trace/trace.c, there are several others that may have the same
problem. Other arch_spin_lock() callers under kernel look OK as
irqs has been disabled before calling arch_spin_lock().

Add a do_arch_spin_lock() helper that disables preemption and make
kernel/trace/trace.c use it if it is not obvious that either preemption
or interrupt has been disabled.

Waiman Long (2):
  locking: Provide a low overhead do_arch_spin_lock() API
  tracing: Use proper do_arch_spin_lock() API

 include/linux/spinlock.h | 27 +++++++++++++++++++++
 kernel/trace/trace.c     | 52 +++++++++++++++++++---------------------
 2 files changed, 51 insertions(+), 28 deletions(-)

-- 
2.31.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ