[PATCH 0/1] uprobes: mmap_region() corrupts mm->mm_rb if uprobe_mmap() fails

linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Oleg Nesterov <oleg@redhat.com>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Anton Arapov <anton@redhat.com>, Ingo Molnar <mingo@elte.hu>,
	Srikar Dronamraju <srikar@linux.vnet.ibm.com>,
	William Cohen <wcohen@redhat.com>,
	linux-kernel@vger.kernel.org
Subject: [PATCH 0/1] uprobes: mmap_region() corrupts mm->mm_rb if uprobe_mmap() fails
Date: Sun, 19 Aug 2012 19:09:17 +0200	[thread overview]
Message-ID: <20120819170917.GA26953@redhat.com> (raw)

Hello.

I guess this patch was forgotten due to the lengthy discussion,
see http://marc.info/?t=134349366100001

I am re-sending it because it fixes the serious and easy-to-trigger
problem. Just do something like

	# echo "p /bin/true:OFFSET_OF_INVALID_INSN" > tracing/uprobe_events
	# /bin/true

to crash the kernel. I think this is 3.6/stable material, the
patch is simple and obviously can't make any harm.

Just in case... Yes, this is not what we want in the long term,
but there is no simple fix for now and we need other changes in
uprobe.c before we can teach mmap_region() to handle the error
from uprobe_mmap().

Oleg.

next             reply	other threads:[~2012-08-19 17:12 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-08-19 17:09 Oleg Nesterov [this message]
2012-08-19 17:09 ` [PATCH 0/1] uprobes: mmap_region() corrupts mm->mm_rb if uprobe_mmap() fails Oleg Nesterov
2012-08-19 17:13   ` Oleg Nesterov
2012-08-19 17:10 ` [PATCH 1/1] " Oleg Nesterov
2012-08-21 16:37   ` [tip:perf/urgent] uprobes: Fix mmap_region()'s mm-> mm_rb corruption " tip-bot for Oleg Nesterov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20120819170917.GA26953@redhat.com \
    --to=oleg@redhat.com \
    --cc=anton@redhat.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mingo@elte.hu \
    --cc=srikar@linux.vnet.ibm.com \
    --cc=torvalds@linux-foundation.org \
    --cc=wcohen@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).