From patchwork Mon Oct 23 09:51:55 2017
X-Patchwork-Submitter: Will Deacon
X-Patchwork-Id: 116660
From: Will Deacon
To: linux-kernel@vger.kernel.org
Cc: Will Deacon, Mark Rutland, Al Viro, Andrea Arcangeli, "Rafael J. Wysocki",
Subject: [PATCH] fs/userfaultfd: Don't try to freeze uninterruptible tasks
Date: Mon, 23 Oct 2017 10:51:55 +0100
Message-Id: <1508752315-31694-1-git-send-email-will.deacon@arm.com>
X-Mailer: git-send-email 2.1.4
Sender: stable-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: stable@vger.kernel.org

The userfaultfd code sets the faulting task's state to TASK_KILLABLE for
faults originating from kernel accesses, which prevents the task being
frozen during a hibernate operation.

For example, setting a userfaultfd region to trigger on the signal stack
leads to a task that requires a fatal signal in order to exit after the
kernel has failed to push a sigframe for a prior non-fatal signal. Such a
task causes hibernation to fail as follows and can be achieved without
additional privilege:

Freezing user space processes ...
Freezing of tasks failed after 20.007 seconds (1 tasks refusing to freeze, wq_busy=0):
uaccess-repro   D    0 11213   9853 0x00000004
Call Trace:
 __schedule+0x245/0x880
 schedule+0x36/0x80
 handle_userfault+0x28f/0x670
 ? userfaultfd_ctx_get+0x40/0x40
 __handle_mm_fault+0xf92/0xfa0
 handle_mm_fault+0xd8/0x240
 __do_page_fault+0x23f/0x4c0
 do_page_fault+0x22/0x30
 page_fault+0x28/0x30
RIP: 0010:__clear_user+0x25/0x50
RSP: 0018:ffffb098029b3d70 EFLAGS: 00050202
RAX: 0000000000000000 RBX: 00007f5830336c80 RCX: 0000000000000008
RDX: 0000000000000000 RSI: 0000000000000008 RDI: 00007f5830336e80
RBP: ffffb098029b3d70 R08: 0000000000000344 R09: 000000000000000c
R10: ffffb098029b3d37 R11: ffff92b58c0cc380 R12: ffff92b58c0cc380
R13: 00007f5830336c80 R14: ffffb098029b3e18 R15: ffff92b58c0ccdf8
 copy_fpstate_to_sigframe+0x91/0x1f0
 get_sigframe.isra.13.constprop.14+0x1aa/0x1d0
 do_signal+0x1c4/0x740
 ? SYSC_kill+0xeb/0x1a0
 ? alloc_file+0x1d/0xc0
 exit_to_usermode_loop+0x80/0xd0
 syscall_return_slowpath+0x59/0x60
 entry_SYSCALL_64_fastpath+0xa7/0xa9

This patch fixes the problem by informing the freezer code that the task
does not need to be frozen when in an uninterruptible state.

Cc: Mark Rutland
Cc: Al Viro
Cc: Andrea Arcangeli
Cc: "Rafael J. Wysocki"
Cc:
Signed-off-by: Will Deacon
---
 fs/userfaultfd.c | 4 ++++
 1 file changed, 4 insertions(+)

-- 
2.1.4

diff --git a/fs/userfaultfd.c b/fs/userfaultfd.c index ef4b48d1ea42..974f2dd4e711 100644 --- a/fs/userfaultfd.c +++ b/fs/userfaultfd.c @@ -29,6 +29,7 @@ #include #include #include +#include static struct kmem_cache *userfaultfd_ctx_cachep __read_mostly; @@ -481,6 +482,7 @@ int handle_userfault(struct vm_fault *vmf, unsigned long reason) (return_to_userland ? !signal_pending(current) : !fatal_signal_pending(current)))) { wake_up_poll(&ctx->fd_wqh, POLLIN); + freezer_do_not_count(); schedule(); ret |= VM_FAULT_MAJOR; @@ -504,8 +506,10 @@ int handle_userfault(struct vm_fault *vmf, unsigned long reason) (return_to_userland ? signal_pending(current) : fatal_signal_pending(current))) break; + schedule(); } + freezer_count(); } __set_current_state(TASK_RUNNING);
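Review bot: in the hunk at @@ -481,6 +482,7 @@, freezer_do_not_count() is taken right before the first schedule() while the task is still in TASK_KILLABLE for a kernel-originated fault, and the task will not look at the freezer again until the matching freezer_count() after the wait loop. Asking the freezer to skip a task is only safe if that task holds nothing the suspend/hibernate path will need, and neither the hunk nor the commit message says what handle_userfault() still holds at this point (in particular whether mmap_sem has already been released before the wait). Suggest a short comment above the call, e.g. `/* Waiting for the userfault to be resolved: tell the freezer to skip us, we re-check in freezer_count() */`, and a sentence in the commit message giving the justification, since this is Cc'd to stable and a backport should carry the reasoning with it.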
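Review bot: in the hunk at @@ -504,8 +506,10 @@, the added blank line between `break;` and `schedule();` is an unrelated whitespace change (it accounts for one of the 4 insertions in the diffstat) and should be dropped so the hunk only adds `freezer_count();`. The freezer_count() itself sits after the `while` loop's closing brace but still inside the outer `if` block that holds the freezer_do_not_count() from the previous hunk, so the pair is balanced whether the loop runs to completion or exits through `break;`; a one-line comment noting that this is where a task woken during a hibernate will re-check the freezer would make the pairing obvious to the next reader.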