From: Michael Ellerman <mpe@ellerman.id.au>
To: Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>,
Linus Torvalds <torvalds@linux-foundation.org>
Cc: Petr Mladek <pmladek@suse.com>,
Andy Shevchenko <andriy.shevchenko@linux.intel.com>,
Rasmus Villemoes <linux@rasmusvillemoes.dk>,
"Tobin C . Harding" <me@tobin.cc>, Michal Hocko <mhocko@suse.cz>,
Sergey Senozhatsky <sergey.senozhatsky@gmail.com>,
Steven Rostedt <rostedt@goodmis.org>,
linux-kernel@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
Russell Currey <ruscur@russell.cc>,
Christophe Leroy <christophe.leroy@c-s.fr>,
Stephen Rothwell <sfr@ozlabs.org>,
Heiko Carstens <heiko.carstens@de.ibm.com>,
linux-arch@vger.kernel.org, linux-s390@vger.kernel.org,
Martin Schwidefsky <schwidefsky@de.ibm.com>
Subject: Re: [PATCH] vsprintf: Do not break early boot with probing addresses
Date: Fri, 10 May 2019 16:41:24 +1000 [thread overview]
Message-ID: <87h8a2vmjv.fsf@concordia.ellerman.id.au> (raw)
Message-ID: <20190510064124.q7J_CwuPPeHjW5ZMFj9t16uRiB6ATm6nxxi7Biu_ngY@z> (raw)
In-Reply-To: <20190510050709.GA1831@jagdpanzerIV>
Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com> writes:
> On (05/09/19 21:47), Linus Torvalds wrote:
>> [ Sorry about html and mobile crud, I'm not at the computer right now ]
>> How about we just undo the whole misguided probe_kernel_address() thing?
>
> But the problem will remain - %pS/%pF on PPC (and some other arch-s)
> do dereference_function_descriptor(), which calls probe_kernel_address().
(Only on 64-bit big endian, and we may even change that one day)
> So if probe_kernel_address() starts to dump_stack(), then we are heading
> towards stack overflow. Unless I'm totally missing something.
We only ended up calling dump_stack() from probe_kernel_address() due to
a combination of things:
1. probe_kernel_address() actually uses __copy_from_user_inatomic()
which is silly because it's not doing a user access.
2. our user access code uses mmu_has_feature() which uses jump labels,
and so isn't safe to call until we've initialised those jump labels.
This is unnecessarily fragile, we can easily make the user access
code safe to call before the jump labels are initialised.
3. we had extra debug code enabled in mmu_has_feature() which calls
dump_stack().
I've fixed 2, and plan to fix 1 as well at some point. And 3 is behind a
CONFIG option that no one except me is going to have enabled in
practice.
So in future we shouldn't be calling dump_stack() in that path.
cheers
next prev parent reply other threads:[~2019-05-10 6:41 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20190509121923.aQycz_mOWrrZRdG61KMh7qtBiiaqDuu5CXB5Ufi79nE@z>
2019-05-09 12:19 ` [PATCH] vsprintf: Do not break early boot with probing addresses Petr Mladek
[not found] ` <20190509130512.eOpTHWX1Vw219J1juYw-SpeQRpBzQZT5CGSN2gh29i4@z>
2019-05-09 13:05 ` Andy Shevchenko
[not found] ` <20190509131357.ae3kG3RqVx9kjP66InzbRDur4-P1bAbE2QdMj6Mn17c@z>
2019-05-09 13:13 ` Steven Rostedt
[not found] ` <20190509140609.pGTLvlSQI_xy_YFvhBzkQV7ZWu_ABMDICwAH3s7J8IA@z>
2019-05-09 14:06 ` Petr Mladek
[not found] ` <20190509133829.35pSRgEMpcLhNbfDUK9sCV-aSZSNvQEOVDu8hmrRnzU@z>
2019-05-09 13:38 ` Michal Suchánek
[not found] ` <20190509134659.kYjGd-skkWNID8rAreeNzTDTLfzq382O0FQCZ5calZI@z>
2019-05-09 13:46 ` David Laight
2019-05-10 10:21 ` Michael Ellerman
[not found] ` <20190510043200.8FxCQhSO0N0LIZ4YtumRMpgw45VDU75TKeSE5eHU2dc@z>
2019-05-10 4:32 ` Sergey Senozhatsky
2019-05-10 4:47 ` Linus Torvalds
[not found] ` <20190510050709.ugUsmdWEg2-_zeuhzXY9dG3VOFvC7DcdjoUsQ1gSOxk@z>
2019-05-10 5:07 ` Sergey Senozhatsky
[not found] ` <20190510064124.q7J_CwuPPeHjW5ZMFj9t16uRiB6ATm6nxxi7Biu_ngY@z>
2019-05-10 6:41 ` Michael Ellerman [this message]
[not found] ` <20190510080602.36-virBOPDomDAXDbVYusr-C7NH4SabZGccCMnPdJH4@z>
2019-05-10 8:06 ` Petr Mladek
2019-05-10 8:16 ` Sergey Senozhatsky
[not found] ` <20190510084213.8Fn-MjbMg2bybTStBKHj9OvLB7rut0bqt0KPaIdXS6w@z>
2019-05-10 8:42 ` Petr Mladek
[not found] ` <20190510085121.odNKC0TIP5NjjMowx6VFDfGImLYzeJZz8lrq7Yx7_hk@z>
2019-05-10 8:51 ` Sergey Senozhatsky
[not found] ` <20190510144917.9fXSsk7NOInbDA76CH7cG3WBj0FI-4Dwb2Tk9_C4zpU@z>
2019-05-10 14:49 ` Petr Mladek
[not found] ` <20190510162401.zyjRI2h57ECWKi8XIr7nNNUOwR44kpMVP_pAyDYOETo@z>
2019-05-10 16:24 ` Steven Rostedt
[not found] ` <20190510163258.qn3246r2dHdhqWhvmxZO4mIbhuwcSMjfnXQQlH0ZaHs@z>
2019-05-10 16:32 ` Martin Schwidefsky
[not found] ` <20190510164058.TGQUcmQqwQN4_qlomMwU48TPGVQzXQVM4L1sbRoiVqY@z>
2019-05-10 16:40 ` Steven Rostedt
[not found] ` <20190510164548.hSfrXK8q_ZGsqqE57NiR7n0OFDEvIcwdE7j7PZU7lac@z>
2019-05-10 16:45 ` Martin Schwidefsky
[not found] ` <20190513122424.Bzyc5wNhgHc3y9K3Vn-j74_9etFbZZ5gQ1QPdKl6DWc@z>
2019-05-13 12:24 ` Petr Mladek
[not found] ` <20190510164134.MOFEXv4lZ0byKuO5xFyCeqdaA9zePgipycDNWtjfBrg@z>
2019-05-10 16:41 ` Andy Shevchenko
[not found] ` <20190510173529.XATeuZJ4qvPsIGIrHM2kfdN6CdMiyb6gddK2hUaBa-I@z>
2019-05-10 17:35 ` christophe leroy
[not found] ` <20190513085241.CwbAqRfT4AD-BNv6ycJNL377JFUjP7hKf_PblscZCMA@z>
2019-05-13 8:52 ` David Laight
[not found] ` <20190513091320.1ZqC-JL0QLpgZiAEDAqK_gfjSO6wDFbjpn4v4t2QXOE@z>
2019-05-13 9:13 ` Andy Shevchenko
[not found] ` <20190513124220.pxn2l_kLvtCUhSGnQPpm0fECHh3Y6INT5S5RWf6pfe4@z>
2019-05-13 12:42 ` Petr Mladek
[not found] ` <20190513141550.nMZbc9Db_wQfUJwYwkQTsbqWEg3wp15GgYxSKNUijyQ@z>
2019-05-13 14:15 ` Steven Rostedt
[not found] ` <20190514020730.g4cTS2GpqhzzEgKbRibvfxOK38Jika-NdjcqZLJn1As@z>
2019-05-14 2:07 ` Sergey Senozhatsky
[not found] ` <20190514022526.vllOcw77HB9TYfH3e8ZSGlZ1g_E72jw6dA10uIIz-Dw@z>
2019-05-14 2:25 ` Sergey Senozhatsky
[not found] ` <20190514082821.vHA7v2O08oEYQIonTCUC1XbIM9aVA42znGjzYx0yqEA@z>
2019-05-14 8:28 ` David Laight
[not found] ` <20190514090217.YS1_XeAyyiXu8TPl6BFDc3rpbtL4aynuSYfokOJWYaU@z>
2019-05-14 9:02 ` Geert Uytterhoeven
[not found] ` <20190514183751.e9m7K3oevIRrilsKNzAtPbZ1iFL7XriqpwHrBnk9krU@z>
2019-05-14 18:37 ` Steven Rostedt
[not found] ` <20190514191306.iYLu_pdr2N7Q3pR0cC87rvIUTuczSZBRSyh5RyX1ny0@z>
2019-05-14 19:13 ` Geert Uytterhoeven
[not found] ` <20190514193503.XdZN4DHnv7PT3ysPIU9r8z4k2mgdzV7WD0-q-GTF5Zk@z>
2019-05-14 19:35 ` Steven Rostedt
[not found] ` <20190515072305.E1DEATG-MTVuAOpUj2pEKMYi_9cV96M6GcmiMB3QY8Q@z>
2019-05-15 7:23 ` Geert Uytterhoeven
[not found] ` <20190515075339.CYb8ZQm6zt6Kfk3OqcAqbBwh7Xb51oxEZ6kRCINiTz8@z>
2019-05-15 7:53 ` Petr Mladek
[not found] ` <20190515062111.T5hZGjKZK2a2swDTBpkbB4UbIVTKWVNPATVUxxRnwVM@z>
2019-05-15 6:21 ` Sergey Senozhatsky
[not found] ` <20190515073542.1LbG-sjR-mgtUP_Qb2B1cDfKE6rXwecam2gTdfB60ro@z>
2019-05-15 7:35 ` Petr Mladek
2019-05-15 9:00 ` David Laight
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87h8a2vmjv.fsf@concordia.ellerman.id.au \
--to=mpe@ellerman.id.au \
--cc=andriy.shevchenko@linux.intel.com \
--cc=christophe.leroy@c-s.fr \
--cc=heiko.carstens@de.ibm.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=linux@rasmusvillemoes.dk \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=me@tobin.cc \
--cc=mhocko@suse.cz \
--cc=pmladek@suse.com \
--cc=rostedt@goodmis.org \
--cc=ruscur@russell.cc \
--cc=schwidefsky@de.ibm.com \
--cc=sergey.senozhatsky.work@gmail.com \
--cc=sergey.senozhatsky@gmail.com \
--cc=sfr@ozlabs.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox