From: Ingo Molnar <mingo@kernel.org>
To: "Bruno Prémont" <bonbons@linux-vserver.org>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>,
Greg KH <gregkh@linuxfoundation.org>,
Peter Zijlstra <peterz@infradead.org>,
linux-kernel@vger.kernel.org,
Linus Torvalds <torvalds@linux-foundation.org>
Subject: Re: [PATCH v2] Prevent crash on unset sysfs group attributes
Date: Tue, 3 Apr 2012 09:53:43 +0200 [thread overview]
Message-ID: <20120403075343.GE26826@gmail.com> (raw)
In-Reply-To: <20120403094107.4f641ed8@pluto.restena.lu>
* Bruno Prémont <bonbons@linux-vserver.org> wrote:
> Do not let the kernel crash when a device is registered with
> sysfs while group attributes are not set (aka NULL).
>
> Warn about the offender with some information about the offending
> device.
>
> This would warn instead of trying NULL pointer deref like:
> BUG: unable to handle kernel NULL pointer dereference at
> (null) IP: [<ffffffff81152673>] internal_create_group+0x83/0x1a0
> PGD 0
> Oops: 0000 [#1] SMP
> CPU 0
> Modules linked in:
>
> Pid: 1, comm: swapper/0 Not tainted 3.4.0-rc1-x86_64 #3 HP ProLiant
> DL360 G4 RIP: 0010:[<ffffffff81152673>] [<ffffffff81152673>]
> internal_create_group+0x83/0x1a0 RSP: 0018:ffff88019485fd70 EFLAGS:
> 00010202 RAX: 0000000000000001 RBX: 0000000000000000 RCX:
> 0000000000000001 RDX: ffff880192e99908 RSI: ffff880192e99630 RDI:
> ffffffff81a26c60 RBP: ffff88019485fdc0 R08: 0000000000000000 R09:
> 0000000000000000 R10: ffff880192e99908 R11: 0000000000000000 R12:
> ffffffff81a16a00 R13: ffff880192e99908 R14: ffffffff81a16900 R15:
> 0000000000000000 FS: 0000000000000000(0000) GS:ffff88019bc00000(0000)
> knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0:
> 000000008005003b CR2: 0000000000000000 CR3: 0000000001a0c000 CR4:
> 00000000000007f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2:
> 0000000000000000 DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7:
> 0000000000000400 Process swapper/0 (pid: 1, threadinfo
> ffff88019485e000, task ffff880194878000) Stack:
> ffff88019485fdd0 ffff880192da9d60 0000000000000000 ffff880192e99908
> ffff880192e995d8 0000000000000001 ffffffff81a16a00 ffff880192da9d60
> 0000000000000000 0000000000000000 ffff88019485fdd0 ffffffff811527be
> Call Trace:
> [<ffffffff811527be>] sysfs_create_group+0xe/0x10
> [<ffffffff81376ca6>] device_add_groups+0x46/0x80
> [<ffffffff81377d3d>] device_add+0x46d/0x6a0
> ...
>
> Signed-off-by: Bruno Prémont <bonbons@linux-vserver.org>
> ---
>
> On Tue, 3 Apr 2012 09:15:43 Ingo Molnar wrote:
> > > > Greg, is this ok for you or should the check be moved out to
> > > > calling internal_create_group()?
> > >
> > > Please put changes in internal_create_group where all of the
> > > rest of the checks are.
> >
> > So you *do* agree that a check in a generic place is useful
> > after all? ;-)
> >
> > > We should do something like:
> > > if (!grp->attrs) {
> > > WARN(1, "sysfs: idiot subsystem did not include attrs for group: %s/%s\n"
> > > kobj->name, grp->name?"":grp->name);
> > > return -EINVAL;
> > > }
> > >
> > > As it stands your patch is horrible it leaves sysfs in an
> > > inconsistent state. Creating the directory and leaving it
> > > there. Not returning an error code. It looks like there are
> > > all kinds of weird problems that removing the group or
> > > updating the group could get into if we go with your patch.
> >
> > This is actually a sensible suggestion. Bruno, mind updating
> > your patch to do something like this? Assuming Greg agrees with
> > putting the check/warning there.
>
> Here come a respin with Eric's suggestion.
>
> In my case it would show the following result:
>
> [ 0.975025] ------------[ cut here ]------------
> [ 0.977507] WARNING: at /data/kernel/linux-2.6-git/fs/sysfs/group.c:72 internal_create_group+0x18c/0x1f0()
> [ 0.981932] Hardware name: ProLiant DL360 G4
> [ 0.983916] sysfs: attrs not set by subsystem for group: cpu/
> [ 0.987030] Modules linked in:
> [ 0.988664] Pid: 1, comm: swapper/0 Not tainted 3.4.0-rc1-x86_64 #6
> [ 0.991639] Call Trace:
> [ 0.992911] [<ffffffff8104d11a>] warn_slowpath_common+0x7a/0xb0
> [ 0.995903] [<ffffffff8104d1f1>] warn_slowpath_fmt+0x41/0x50
> [ 0.998593] [<ffffffff8115277c>] internal_create_group+0x18c/0x1f0
> [ 1.001366] [<ffffffff8115280e>] sysfs_create_group+0xe/0x10
> [ 1.003898] [<ffffffff81376cf6>] device_add_groups+0x46/0x80
> [ 1.006955] [<ffffffff81377d8d>] device_add+0x46d/0x6a0
> [ 1.009565] [<ffffffff813778e1>] ? device_private_init+0x51/0x90
> [ 1.012806] [<ffffffff81a98975>] ? utsname_sysctl_init+0x14/0x14
> [ 1.015866] [<ffffffff810a7228>] pmu_dev_alloc+0x98/0xe0
> [ 1.018234] [<ffffffff81a98975>] ? utsname_sysctl_init+0x14/0x14
> [ 1.021408] [<ffffffff81a989c0>] perf_event_sysfs_init+0x4b/0x9a
> [ 1.025517] [<ffffffff810002ad>] do_one_initcall+0x3d/0x170
> [ 1.029102] [<ffffffff81a85cbd>] kernel_init+0x12d/0x1be
> [ 1.031844] [<ffffffff81a85505>] ? rdinit_setup+0x28/0x28
> [ 1.034571] [<ffffffff815f3794>] kernel_thread_helper+0x4/0x10
> [ 1.037734] [<ffffffff81a85b90>] ? start_kernel+0x373/0x373
> [ 1.040790] [<ffffffff815f3790>] ? gs_change+0xb/0xb
> [ 1.043354] ---[ end trace 319c95c486d7d9cd ]---
> [ 1.045536] ------------[ cut here ]------------
> [ 1.047640] WARNING: at /data/kernel/linux-2.6-git/kernel/events/core.c:7144 perf_event_sysfs_init+0x70/0x9a()
> [ 1.052595] Hardware name: ProLiant DL360 G4
> [ 1.055027] Failed to register pmu: cpu, reason -22
> [ 1.057720] Modules linked in:
> [ 1.059284] Pid: 1, comm: swapper/0 Tainted: G W 3.4.0-rc1-x86_64 #6
> [ 1.062785] Call Trace:
> [ 1.064094] [<ffffffff8104d11a>] warn_slowpath_common+0x7a/0xb0
> [ 1.067192] [<ffffffff81a98975>] ? utsname_sysctl_init+0x14/0x14
> [ 1.070305] [<ffffffff8104d1f1>] warn_slowpath_fmt+0x41/0x50
> [ 1.073129] [<ffffffff810a7244>] ? pmu_dev_alloc+0xb4/0xe0
> [ 1.075771] [<ffffffff81a989e5>] perf_event_sysfs_init+0x70/0x9a
> [ 1.078878] [<ffffffff810002ad>] do_one_initcall+0x3d/0x170
> [ 1.081879] [<ffffffff81a85cbd>] kernel_init+0x12d/0x1be
> [ 1.084714] [<ffffffff81a85505>] ? rdinit_setup+0x28/0x28
> [ 1.087754] [<ffffffff815f3794>] kernel_thread_helper+0x4/0x10
> [ 1.090639] [<ffffffff81a85b90>] ? start_kernel+0x373/0x373
> [ 1.093372] [<ffffffff815f3790>] ? gs_change+0xb/0xb
> [ 1.096312] ---[ end trace 319c95c486d7d9ce ]---
>
>
>
> fs/sysfs/group.c | 6 +++++-
> 1 files changed, 5 insertions(+), 1 deletions(-)
>
> diff --git a/fs/sysfs/group.c b/fs/sysfs/group.c
> index dd1701c..2df555c 100644
> --- a/fs/sysfs/group.c
> +++ b/fs/sysfs/group.c
> @@ -67,7 +67,11 @@ static int internal_create_group(struct kobject *kobj, int update,
> /* Updates may happen before the object has been instantiated */
> if (unlikely(update && !kobj->sd))
> return -EINVAL;
> -
> + if (!grp->attrs) {
> + WARN(1, "sysfs: attrs not set by subsystem for group: %s/%s\n",
> + kobj->name, grp->name ? "" : grp->name);
> + return -EINVAL;
> + }
Acked-by: Ingo Molnar <mingo@elte.hu>
Thanks,
Ingo
next prev parent reply other threads:[~2012-04-03 7:53 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-04-02 14:27 [3.4-rc1 crash]: NULL pointer deref in fs/sysfs/group.c:create_files -- sysctl related? Bruno Prémont
2012-04-02 14:50 ` Bruno Prémont
2012-04-02 19:01 ` Eric W. Biederman
2012-04-02 19:34 ` Bruno Prémont
2012-04-02 20:04 ` David Ahern
2012-04-03 8:30 ` Jiri Olsa
2012-04-02 21:24 ` Peter Zijlstra
2012-04-02 21:46 ` Peter Zijlstra
2012-04-03 5:38 ` Bruno Prémont
2012-04-03 6:02 ` Ingo Molnar
2012-04-03 6:17 ` [PATCH] Prevent crash on missing sysfs attribute group Bruno Prémont
2012-04-03 6:31 ` Ingo Molnar
2012-04-03 7:11 ` Eric W. Biederman
2012-04-03 7:15 ` Ingo Molnar
2012-04-03 7:41 ` [PATCH v2] Prevent crash on unset sysfs group attributes Bruno Prémont
2012-04-03 7:51 ` Eric W. Biederman
2012-04-03 7:53 ` Ingo Molnar [this message]
2012-04-03 7:59 ` [PATCH v2a] sysfs: " Bruno Prémont
2012-04-03 8:06 ` Ingo Molnar
2012-04-03 7:50 ` [PATCH] Prevent crash on missing sysfs attribute group Eric W. Biederman
2012-04-03 8:04 ` Ingo Molnar
2012-04-03 8:52 ` Eric W. Biederman
2012-04-03 10:16 ` Ingo Molnar
2012-04-03 10:46 ` Eric W. Biederman
2012-04-03 22:34 ` Ingo Molnar
2012-04-03 14:27 ` Peter Zijlstra
2012-04-03 23:22 ` Eric W. Biederman
2012-04-03 23:26 ` Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120403075343.GE26826@gmail.com \
--to=mingo@kernel.org \
--cc=bonbons@linux-vserver.org \
--cc=ebiederm@xmission.com \
--cc=gregkh@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=peterz@infradead.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).