diff options
| author | Dmitry Adamushko <dmitry.adamushko@gmail.com> | 2012-03-22 16:39:25 -0400 |
|---|---|---|
| committer | H. Peter Anvin <hpa@zytor.com> | 2012-03-22 16:50:25 -0400 |
| commit | 29a2e2836ff9ea65a603c89df217f4198973a74f (patch) | |
| tree | 8570ae8b4b95995497b69495a4c9db351d0d6720 /arch/x86 | |
| parent | 446e1c86d51d0823e003a43a2b85c430efce2733 (diff) | |
x86-32: Fix endless loop when processing signals for kernel tasks
The problem occurs on !CONFIG_VM86 kernels [1] when a kernel-mode task
returns from a system call with a pending signal.
A real-life scenario is a child of 'khelper' returning from a failed
kernel_execve() in ____call_usermodehelper() [ kernel/kmod.c ].
kernel_execve() fails due to a pending SIGKILL, which is the result of
"kill -9 -1" (at least, busybox's init does it upon reboot).
The loop is as follows:
* syscall_exit_work:
- work_pending: // start_of_the_loop
- work_notify_sig:
- do_notify_resume()
- do_signal()
- if (!user_mode(regs)) return;
- resume_userspace // TIF_SIGPENDING is still set
- work_pending // so we call work_pending => goto
// start_of_the_loop
More information can be found in another LKML thread:
http://www.serverphorums.com/read.php?12,457826
[1] the problem was also seen on MIPS.
Signed-off-by: Dmitry Adamushko <dmitry.adamushko@gmail.com>
Link: http://lkml.kernel.org/r/1332448765.2299.68.camel@dimm
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Roland McGrath <roland@hack.frob.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: <stable@vger.kernel.org>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Diffstat (limited to 'arch/x86')
| -rw-r--r-- | arch/x86/kernel/entry_32.S | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/arch/x86/kernel/entry_32.S b/arch/x86/kernel/entry_32.S index 79d97e68f042..7b784f4ef1e4 100644 --- a/arch/x86/kernel/entry_32.S +++ b/arch/x86/kernel/entry_32.S | |||
| @@ -98,12 +98,6 @@ | |||
| 98 | #endif | 98 | #endif |
| 99 | .endm | 99 | .endm |
| 100 | 100 | ||
| 101 | #ifdef CONFIG_VM86 | ||
| 102 | #define resume_userspace_sig check_userspace | ||
| 103 | #else | ||
| 104 | #define resume_userspace_sig resume_userspace | ||
| 105 | #endif | ||
| 106 | |||
| 107 | /* | 101 | /* |
| 108 | * User gs save/restore | 102 | * User gs save/restore |
| 109 | * | 103 | * |
| @@ -327,10 +321,19 @@ ret_from_exception: | |||
| 327 | preempt_stop(CLBR_ANY) | 321 | preempt_stop(CLBR_ANY) |
| 328 | ret_from_intr: | 322 | ret_from_intr: |
| 329 | GET_THREAD_INFO(%ebp) | 323 | GET_THREAD_INFO(%ebp) |
| 330 | check_userspace: | 324 | resume_userspace_sig: |
| 325 | #ifdef CONFIG_VM86 | ||
| 331 | movl PT_EFLAGS(%esp), %eax # mix EFLAGS and CS | 326 | movl PT_EFLAGS(%esp), %eax # mix EFLAGS and CS |
| 332 | movb PT_CS(%esp), %al | 327 | movb PT_CS(%esp), %al |
| 333 | andl $(X86_EFLAGS_VM | SEGMENT_RPL_MASK), %eax | 328 | andl $(X86_EFLAGS_VM | SEGMENT_RPL_MASK), %eax |
| 329 | #else | ||
| 330 | /* | ||
| 331 | * We can be coming here from a syscall done in the kernel space, | ||
| 332 | * e.g. a failed kernel_execve(). | ||
| 333 | */ | ||
| 334 | movl PT_CS(%esp), %eax | ||
| 335 | andl $SEGMENT_RPL_MASK, %eax | ||
| 336 | #endif | ||
| 334 | cmpl $USER_RPL, %eax | 337 | cmpl $USER_RPL, %eax |
| 335 | jb resume_kernel # not returning to v8086 or userspace | 338 | jb resume_kernel # not returning to v8086 or userspace |
| 336 | 339 | ||