From: Masami Hiramatsu <mhiramat@kernel.org>
To: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Russell King - ARM Linux <linux@armlinux.org.uk>,
Ingo Molnar <mingo@redhat.com>,
linux-kernel@vger.kernel.org,
Peter Zijlstra <peterz@infradead.org>,
Ananth N Mavinakayanahalli <ananth@linux.vnet.ibm.com>,
Thomas Gleixner <tglx@linutronix.de>,
"H . Peter Anvin" <hpa@zytor.com>, Jon Medhurst <tixy@linaro.org>,
Wang Nan <wangnan0@huawei.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will.deacon@arm.com>,
"David A . Long" <dave.long@linaro.org>,
Sandeepa Prabhu <sandeepa.s.prabhu@gmail.com>
Subject: Re: [BUGFIX PATCH tip/master V2 3/3] kprobes/arm: Fix a possible deadlock case in kretprobe
Date: Sat, 11 Feb 2017 07:33:16 +0900 [thread overview]
Message-ID: <20170211073316.bde61bc3706ede8261bf991d@kernel.org> (raw)
In-Reply-To: <20170210113445.dc7bc683e77dd7ba021663b1@kernel.org>
On Fri, 10 Feb 2017 11:34:45 +0900
Masami Hiramatsu <mhiramat@kernel.org> wrote:
> On Thu, 9 Feb 2017 16:49:00 +0000
> Russell King - ARM Linux <linux@armlinux.org.uk> wrote:
>
> > On Fri, Feb 10, 2017 at 01:32:22AM +0900, Masami Hiramatsu wrote:
> > > Fix a possibility of deadlock case in kretprobe on arm
> > > implementation. There may be a chance that the kretprobe
> > > hash table lock can cause a dead lock.
> > >
> > > The senario is that a user puts 2 kretprobes, one on normal
> > > function and one on a function which can be called from
> > > somewhare which can interrupt in irq disabled critical
> > > section like FIQ.
> >
> > If we:
> > - hit a kernel tracing feature from FIQ context
> > - the tracing feature takes a lock
> > - the lock is also taken elsewhere on the same CPU with IRQs disabled
> >
> > we will quite simply deadlock.
>
> Correct.
>
> > In this case, kretprobe_hash_lock() takes the hlist_lock using
> > raw_spin_lock_irqsave().
> >
> > Now, from what I can see in the kprobes code, this lock is taken in
> > other contexts (eg, kprobe_flush_task()), which means even with this
> > fix, it's still risky if a kprobe is placed on a FIQ-called function.
>
> Oops, right! I'll fix that too. Thanks for pointed out.
>
> >
> > > In this case, if the kernel hits the 1st kretprobe on a
> > > normal function return which calls trampoline_handler(),
> > > acquire a spinlock on the hash table in kretprobe_hash_lock()
> > > and disable irqs. After that, if the 2nd kretprobe is kicked
> > > from FIQ, it also calls trampoline_handler() and tries to
> > > acquire the same spinlock (since the hash is based on
> > > current task, same as the 1st kretprobe), it causes
> > > a deadlock.
> >
> > So my deadlock scenario is:
> >
> > - we're in the middle of kprobe_flush_task()
> > - FIQ happens, calls trampoline_handler()
> > - deadlock in kretprobe_hash_lock()
> >
> > From what I can see, kretprobes in FIQ are just unsafe.
>
> Yes, NMI on x86 too.
>
> > I suspect that avoiding these deadlocks means that we have to deny
> > kprobes from FIQ context - making trampoline_handler() return
> > immediately if in_nmi() is true.
>
> Ah, in_nmi() means FIQ on arm :)
> OK, but actually it is too late to check it in the enter of
> trampoline_handler() since we don't know where is the real
> return address at that point. So I'll check that in setup site
> - kretprobe_pre_handler().
Hmm, pre_handler_kretprobe() already checked in_nmi().
So, I think this will no problem on FIQ too.
Thanks,
--
Masami Hiramatsu <mhiramat@kernel.org>
next prev parent reply other threads:[~2017-02-10 22:33 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-09 16:28 [BUGFIX PATCH tip/master V2 0/3] kprobes: Fix a possible deadlock in kretprobe Masami Hiramatsu
2017-02-09 16:30 ` [BUGFIX PATCH tip/master V2 1/3] kprobes/x86: Fix a possible deadlock case " Masami Hiramatsu
2017-02-09 16:31 ` [BUGFIX PATCH tip/master V2 2/3] kprobes/arm64: " Masami Hiramatsu
2017-02-09 16:32 ` [BUGFIX PATCH tip/master V2 3/3] kprobes/arm: " Masami Hiramatsu
2017-02-09 16:49 ` Russell King - ARM Linux
2017-02-10 2:34 ` Masami Hiramatsu
2017-02-10 22:33 ` Masami Hiramatsu [this message]
2017-02-10 23:21 ` Russell King - ARM Linux
2017-02-11 9:21 ` Masami Hiramatsu
2017-02-10 22:52 ` [BUGFIX PATCH tip/master V2 0/3] kprobes: Fix a possible deadlock " Masami Hiramatsu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170211073316.bde61bc3706ede8261bf991d@kernel.org \
--to=mhiramat@kernel.org \
--cc=ananth@linux.vnet.ibm.com \
--cc=catalin.marinas@arm.com \
--cc=dave.long@linaro.org \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@armlinux.org.uk \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
--cc=sandeepa.s.prabhu@gmail.com \
--cc=tglx@linutronix.de \
--cc=tixy@linaro.org \
--cc=wangnan0@huawei.com \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.