From: Rui Xiang <rui.xiang@huawei.com>
To: Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>,
	<x86@kernel.org>
Cc: <linux-kernel@vger.kernel.org>
Subject: [PATCH] x86/alternatives: add missing mutex lock in,alternatives_text_reserved
Date: Mon, 12 Sep 2016 15:18:13 +0800
Message-ID: <57D656B5.2010308@huawei.com>

A race between alternatives_text_reserved and alternatives_smp_module_del
occurred when traversing the global list smp_alt_modules in the 3.4 kernel.
It would cause a panic while reading smp_alt_modules->mod in the
alternatives_text_reserved func.

[   14.016190] general protection fault: 0000 [#1] SMP
[   14.016988] CPU 0
[   14.017287] Modules linked in: mlx4_ib(O+) mlx4_en(O+) xb_sa(O)
[   14.020005]
[   14.020005] Pid: 1979, comm: modprobe Tainted: G           O
[   14.020005] RIP: 0010:[<ffffffff81007eb0>]  [<ffffffff81007eb0>] alternatives_text_reserved+0x20/0x80
[   14.020005] RSP: 0018:ffff880ea355bcb8  EFLAGS: 00010283
[   14.020005] RAX: dead000000000100 RBX: ffffffffa02af720 RCX: dead0000000000d0
[   14.020005] RDX: ffffffffa02f0588 RSI: ffffffffa02d2fc0 RDI: ffffffffa02d2fc0
[   14.020005] RBP: ffff880ea355bcb8 R08: ffffffffa02f3b68 R09: 00017f4ae12d2fc0
[   14.020005] R10: 00000000000000e8 R11: ffffffffa02bb9d7 R12: 0000000000000000
[   14.020005] R13: ffffffffa02af720 R14: ffffffffa0307140 R15: ffffffffa02af730
[   14.020005] FS:  00007f26c6acc700(0000) GS:ffff880fff200000(0000) knlGS:0000000000000000
[   14.020005] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[   14.020005] CR2: 00007fd4adc3b000 CR3: 0000000ea40ea000 CR4: 00000000001407f0
[   14.020005] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   14.020005] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[   14.020005] Process modprobe (pid: 1979, threadinfo ffff880ea355a000, task ffff880e9eb9e600)
[   14.020005] Stack:
[   14.020005]  ffff880ea355bcd8 ffffffff8145b148 ffffffffa02af720 ffffffffa02af720
[   14.020005]  ffff880ea355bd18 ffffffff8145ed38 0000000000000000 0000000000000000
[   14.041015]  ffff880ea355bd90 ffffffffa02af720 0000000000000001 ffff880ea355bd90
[   14.041015] Call Trace:
[   14.041015]  [<ffffffff8145b148>] arch_prepare_kprobe+0x18/0x80
[   14.042982]  [<ffffffff8145ed38>] register_kprobe+0x338/0x4c0
[   14.042982]  [<ffffffff8145f658>] register_jprobes+0x98/0xc0
[   14.042982]  [<ffffffff8145f69a>] register_jprobe+0x1a/0x20

It also seems to exist in mainline.

This patch adds the mutex lock smp_alt to fix it.

Cc: stable@vger.kernel.org
Signed-off-by: Rui Xiang <rui.xiang@huawei.com>
---
 arch/x86/kernel/alternative.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c
index 5cb272a..7cec0cc 100644
--- a/arch/x86/kernel/alternative.c
+++ b/arch/x86/kernel/alternative.c
@@ -563,6 +563,7 @@ int alternatives_text_reserved(void *start, void *end)
 	u8 *text_start = start;
 	u8 *text_end = end;

+	mutex_lock(&smp_alt);
 	list_for_each_entry(mod, &smp_alt_modules, next) {
 		if (mod->text > text_end || mod->text_end < text_start)
 			continue;
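Review bot: the mutex_lock(&smp_alt) added ahead of list_for_each_entry makes smp_alt nest inside whatever locks the caller already holds, and the call trace in the commit message reaches this function through register_kprobe -> arch_prepare_kprobe. The changelog should state the resulting lock order against the paths that take smp_alt around smp_alt_modules updates (alternatives_smp_module_del is the one named above), and the patch should be run with lockdep enabled before it goes to stable. The commit message also says the race "seems to exist in mainline" without a reproduction there, which is worth confirming given the Cc: stable tag.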
@@ -573,6 +574,7 @@ int alternatives_text_reserved(void *start, void *end)
 				return 1;
 		}
 	}
+	mutex_unlock(&smp_alt);	

 	return 0;
 }
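Review bot: the `return 1;` kept as context just above the new mutex_unlock(&smp_alt) now leaves the function with smp_alt still held, so the first call that finds a reserved range never releases the mutex and every later mutex_lock(&smp_alt) blocks. Record the result in a local variable and leave both loops through a single unlock path (a `goto` to an unlock label, or a flag plus `break`), so that each exit passes through mutex_unlock. The added mutex_unlock line also carries a trailing tab after the semicolon, which checkpatch will flag.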
-- 
1.8.2.2
