xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
eb18bc5a8678f431c500e6da1b8b5f34478d5bc1
android_kernel_xiaomi_sm8450/kernel
History
Zheng Yejian eb18bc5a86 rcu: Avoid stack overflow due to __rcu_irq_enter_check_tick() being kprobe-ed 
commit 7a29fb4a4771124bc61de397dbfc1554dbbcc19c upstream.

Registering a kprobe on __rcu_irq_enter_check_tick() can cause kernel
stack overflow as shown below. This issue can be reproduced by enabling
CONFIG_NO_HZ_FULL and booting the kernel with argument "nohz_full=",
and then giving the following commands at the shell prompt:

  # cd /sys/kernel/tracing/
  # echo 'p:mp1 __rcu_irq_enter_check_tick' >> kprobe_events
  # echo 1 > events/kprobes/enable

This commit therefore adds __rcu_irq_enter_check_tick() to the kprobes
blacklist using NOKPROBE_SYMBOL().

Insufficient stack space to handle exception!
ESR: 0x00000000f2000004 -- BRK (AArch64)
FAR: 0x0000ffffccf3e510
Task stack:     [0xffff80000ad30000..0xffff80000ad38000]
IRQ stack:      [0xffff800008050000..0xffff800008058000]
Overflow stack: [0xffff089c36f9f310..0xffff089c36fa0310]
CPU: 5 PID: 190 Comm: bash Not tainted 6.2.0-rc2-00320-g1f5abbd77e2c #19
Hardware name: linux,dummy-virt (DT)
pstate: 400003c5 (nZcv DAIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __rcu_irq_enter_check_tick+0x0/0x1b8
lr : ct_nmi_enter+0x11c/0x138
sp : ffff80000ad30080
x29: ffff80000ad30080 x28: ffff089c82e20000 x27: 0000000000000000
x26: 0000000000000000 x25: ffff089c02a8d100 x24: 0000000000000000
x23: 00000000400003c5 x22: 0000ffffccf3e510 x21: ffff089c36fae148
x20: ffff80000ad30120 x19: ffffa8da8fcce148 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: ffffa8da8e44ea6c
x14: ffffa8da8e44e968 x13: ffffa8da8e03136c x12: 1fffe113804d6809
x11: ffff6113804d6809 x10: 0000000000000a60 x9 : dfff800000000000
x8 : ffff089c026b404f x7 : 00009eec7fb297f7 x6 : 0000000000000001
x5 : ffff80000ad30120 x4 : dfff800000000000 x3 : ffffa8da8e3016f4
x2 : 0000000000000003 x1 : 0000000000000000 x0 : 0000000000000000
Kernel panic - not syncing: kernel stack overflow
CPU: 5 PID: 190 Comm: bash Not tainted 6.2.0-rc2-00320-g1f5abbd77e2c #19
Hardware name: linux,dummy-virt (DT)
Call trace:
 dump_backtrace+0xf8/0x108
 show_stack+0x20/0x30
 dump_stack_lvl+0x68/0x84
 dump_stack+0x1c/0x38
 panic+0x214/0x404
 add_taint+0x0/0xf8
 panic_bad_stack+0x144/0x160
 handle_bad_stack+0x38/0x58
 __bad_stack+0x78/0x7c
 __rcu_irq_enter_check_tick+0x0/0x1b8
 arm64_enter_el1_dbg.isra.0+0x14/0x20
 el1_dbg+0x2c/0x90
 el1h_64_sync_handler+0xcc/0xe8
 el1h_64_sync+0x64/0x68
 __rcu_irq_enter_check_tick+0x0/0x1b8
 arm64_enter_el1_dbg.isra.0+0x14/0x20
 el1_dbg+0x2c/0x90
 el1h_64_sync_handler+0xcc/0xe8
 el1h_64_sync+0x64/0x68
 __rcu_irq_enter_check_tick+0x0/0x1b8
 arm64_enter_el1_dbg.isra.0+0x14/0x20
 el1_dbg+0x2c/0x90
 el1h_64_sync_handler+0xcc/0xe8
 el1h_64_sync+0x64/0x68
 __rcu_irq_enter_check_tick+0x0/0x1b8
 [...]
 el1_dbg+0x2c/0x90
 el1h_64_sync_handler+0xcc/0xe8
 el1h_64_sync+0x64/0x68
 __rcu_irq_enter_check_tick+0x0/0x1b8
 arm64_enter_el1_dbg.isra.0+0x14/0x20
 el1_dbg+0x2c/0x90
 el1h_64_sync_handler+0xcc/0xe8
 el1h_64_sync+0x64/0x68
 __rcu_irq_enter_check_tick+0x0/0x1b8
 arm64_enter_el1_dbg.isra.0+0x14/0x20
 el1_dbg+0x2c/0x90
 el1h_64_sync_handler+0xcc/0xe8
 el1h_64_sync+0x64/0x68
 __rcu_irq_enter_check_tick+0x0/0x1b8
 el1_interrupt+0x28/0x60
 el1h_64_irq_handler+0x18/0x28
 el1h_64_irq+0x64/0x68
 __ftrace_set_clr_event_nolock+0x98/0x198
 __ftrace_set_clr_event+0x58/0x80
 system_enable_write+0x144/0x178
 vfs_write+0x174/0x738
 ksys_write+0xd0/0x188
 __arm64_sys_write+0x4c/0x60
 invoke_syscall+0x64/0x180
 el0_svc_common.constprop.0+0x84/0x160
 do_el0_svc+0x48/0xe8
 el0_svc+0x34/0xd0
 el0t_64_sync_handler+0xb8/0xc0
 el0t_64_sync+0x190/0x194
SMP: stopping secondary CPUs
Kernel Offset: 0x28da86000000 from 0xffff800008000000
PHYS_OFFSET: 0xfffff76600000000
CPU features: 0x00000,01a00100,0000421b
Memory Limit: none

Acked-by: Joel Fernandes (Google) <joel@joelfernandes.org>
Link: https://lore.kernel.org/all/20221119040049.795065-1-zhengyejian1@huawei.com/
Fixes: aaf2bc50df ("rcu: Abstract out rcu_irq_enter_check_tick() from rcu_nmi_enter()")
Signed-off-by: Zheng Yejian <zhengyejian1@huawei.com>
Cc: stable@vger.kernel.org
Signed-off-by: Paul E. McKenney <paulmck@kernel.org>
Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-05-17 11:47:34 +02:00
..
bpf
bpf: Fix incorrect verifier pruning due to missing register precision taints
2023-04-26 11:27:36 +02:00
cgroup
cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach()
2023-04-20 12:10:27 +02:00
configs
debug
lockdown: also lock down previous kgdb use
2022-05-30 09:33:22 +02:00
dma
swiotlb: max mapping size takes min align mask into account
2022-10-05 10:38:40 +02:00
entry
entry/kvm: Exit to user mode when TIF_NOTIFY_SIGNAL is set
2023-01-04 11:39:22 +01:00
events
perf/core: Fix the same task check in perf_event_set_output
2023-04-20 12:10:23 +02:00
futex
futex: Resend potentially swallowed owner death notification
2023-01-14 10:15:20 +01:00
gcov
gcov: add support for checksum field
2023-01-14 10:16:24 +01:00
irq
irqdomain: Fix domain registration race
2023-03-17 08:45:08 +01:00
kcsan
kcsan: avoid passing -g for test
2023-04-05 11:23:44 +02:00
livepatch
livepatch: fix race between fork and KLP transition
2022-10-26 13:25:14 +02:00
locking
locking/lockdep: Fix lockdep_init_map_*() confusion
2022-08-21 15:15:33 +02:00
power
PM: EM: fix memory leak with using debugfs_lookup()
2023-03-11 16:39:51 +01:00
printk
printk: fix return value of printk.devkmsg __setup handler
2022-04-08 14:40:08 +02:00
rcu
rcu: Avoid stack overflow due to __rcu_irq_enter_check_tick() being kprobe-ed
2023-05-17 11:47:34 +02:00
sched
sched/fair: Fixes for capacity inversion detection
2023-04-26 11:27:39 +02:00
time
tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem
2023-05-17 11:47:32 +02:00
trace
ring-buffer: Sync IRQ works before buffer destruction
2023-05-17 11:47:33 +02:00
.gitignore
kbuild: update config_data.gz only when the content of .config is changed
2021-05-11 14:47:37 +02:00
acct.c
acct: fix potential integer overflow in encode_comp_t()
2023-01-14 10:16:14 +01:00
async.c
Revert "module, async: async_synchronize_full() on module init iff async is used"
2022-02-23 12:01:00 +01:00
audit_fsnotify.c
audit: fix potential double free on error path from fsnotify_add_inode_mark
2022-08-31 17:15:13 +02:00
audit_tree.c
audit: move put_tree() to avoid trim_trees refcount underflow and UAF
2021-09-03 10:09:31 +02:00
audit_watch.c
fsnotify: generalize handle_inode_event()
2020-12-30 11:54:18 +01:00
audit.c
audit: improve audit queue handling when "audit=1" on cmdline
2022-02-08 18:30:34 +01:00
audit.h
audit: log AUDIT_TIME_* records only from rules
2022-04-08 14:40:00 +02:00
auditfilter.c
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
auditsc.c
audit: log AUDIT_TIME_* records only from rules
2022-04-08 14:40:00 +02:00
backtracetest.c
treewide: Replace DECLARE_TASKLET() with DECLARE_TASKLET_OLD()
2020-07-30 11:15:58 -07:00
bounds.c
capability.c
LSM: Signal to SafeSetID when setting group IDs
2020-10-13 09:17:34 -07:00
compat.c
sched_getaffinity: don't assume 'cpumask_size()' is fully initialized
2023-04-05 11:23:45 +02:00
configs.c
context_tracking.c
context_tracking: Ensure that the critical path cannot be instrumented
2020-06-11 15:14:36 +02:00
cpu_pm.c
PM: cpu: Make notifier chain use a raw_spinlock_t
2021-09-15 09:50:40 +02:00
cpu.c
cpu/hotplug: Make target_store() a nop when target == state
2023-01-14 10:15:20 +01:00
crash_core.c
crash_core, vmcoreinfo: append 'SECTION_SIZE_BITS' to vmcoreinfo
2021-06-23 14:42:52 +02:00
crash_dump.c
cred.c
Revert "Add a reference to ucounts for each cred"
2021-09-08 08:49:00 +02:00
delayacct.c
dma.c
exec_domain.c
exit.c
exit: Use READ_ONCE() for all oops/warn limit reads
2023-02-01 08:23:21 +01:00
extable.c
fail_function.c
kernel/fail_function: fix memory leak with using debugfs_lookup()
2023-03-11 16:40:18 +01:00
fork.c
seccomp: Move copy_seccomp() to no failure path.
2023-05-17 11:47:27 +02:00
freezer.c
Revert "kernel: freezer should treat PF_IO_WORKER like PF_KTHREAD for freezing"
2021-04-07 15:00:14 +02:00
gen_kheaders.sh
kbuild: add variables for compression tools
2020-06-06 23:42:01 +09:00
groups.c
LSM: Signal to SafeSetID when setting group IDs
2020-10-13 09:17:34 -07:00
hung_task.c
kernel/hung_task.c: make type annotations consistent
2020-11-02 12:14:19 -08:00
iomem.c
irq_work.c
irq_work, smp: Allow irq_work on call_single_queue
2020-05-28 10:54:15 +02:00
jump_label.c
jump_label: Fix jump_label_text_reserved() vs __init
2021-07-20 16:05:58 +02:00
kallsyms.c
treewide: Convert macro and uses of __section(foo) to __section("foo")
2020-10-25 14:51:49 -07:00
kcmp.c
exec: Transform exec_update_mutex into a rw_semaphore
2021-01-09 13:46:24 +01:00
Kconfig.freezer
Kconfig.hz
Kconfig.locks
Kconfig.preempt
kcov.c
kcov: make some symbols static
2020-08-12 10:58:02 -07:00
kexec_core.c
panic, kexec: make __crash_kexec() NMI safe
2023-04-20 12:10:29 +02:00
kexec_elf.c
kexec_file.c
panic, kexec: make __crash_kexec() NMI safe
2023-04-20 12:10:29 +02:00
kexec_internal.h
panic, kexec: make __crash_kexec() NMI safe
2023-04-20 12:10:29 +02:00
kexec.c
panic, kexec: make __crash_kexec() NMI safe
2023-04-20 12:10:29 +02:00
kheaders.c
kheaders: Use array declaration instead of char
2023-05-17 11:47:33 +02:00
kmod.c
kmod: remove redundant "be an" in the comment
2020-08-12 10:58:01 -07:00
kprobes.c
x86/kprobes: Fix arch_check_optimized_kprobe check within optimized_kprobe range
2023-03-11 16:39:59 +01:00
ksysfs.c
kexec: turn all kexec_mutex acquisitions into trylocks
2023-04-20 12:10:29 +02:00
kthread.c
kthread: Fix PF_KTHREAD vs to_kthread() race
2021-09-03 10:09:31 +02:00
latencytop.c
Makefile
futex: Move to kernel/futex/
2023-01-14 10:15:20 +01:00
module_signature.c
module: harden ELF info handling
2021-03-25 09:04:11 +01:00
module_signing.c
module: harden ELF info handling
2021-03-25 09:04:11 +01:00
module-internal.h
module.c
module: Don't wait for GOING modules
2023-02-01 08:23:22 +01:00
notifier.c
notifier: Fix broken error handling pattern
2020-09-01 09:58:03 +02:00
nsproxy.c
nsproxy: support CLONE_NEWTIME with setns()
2020-07-08 11:14:22 +02:00
padata.c
padata: Fix list iterator in padata_do_serial()
2023-01-14 10:15:51 +01:00
panic.c
exit: Use READ_ONCE() for all oops/warn limit reads
2023-02-01 08:23:21 +01:00
params.c
params: Replace zero-length array with flexible-array member
2020-10-29 17:22:59 -05:00
pid_namespace.c
rcu-tasks: Fix synchronize_rcu_tasks() VS zap_pid_ns_processes()
2023-03-11 16:39:19 +01:00
pid.c
exec: Transform exec_update_mutex into a rw_semaphore
2021-01-09 13:46:24 +01:00
profile.c
profiling: fix shift too large makes kernel panic
2022-08-21 15:16:05 +02:00
ptrace.c
ptrace: Reimplement PTRACE_KILL by always sending SIGKILL
2022-06-09 10:20:49 +02:00
range.c
kernel.h: split out min()/max() et al. helpers
2020-10-16 11:11:19 -07:00
reboot.c
reboot: fix overflow parsing reboot cpu number
2020-11-14 11:26:03 -08:00
regset.c
regset: kill ->get()
2020-07-27 14:31:12 -04:00
relay.c
relay: fix type mismatch when allocating memory in relay_create_buf()
2023-01-14 10:15:22 +01:00
resource.c
dax/kmem: Fix leak of memory-hotplug resources
2023-03-11 16:40:04 +01:00
rseq.c
rseq: Remove broken uapi field layout on 32-bit little endian
2022-04-08 14:40:03 +02:00
scftorture.c
scftorture: Fix distribution of short handler delays
2022-06-09 10:21:01 +02:00
scs.c
mm: memcontrol: account kernel stack per node
2020-08-07 11:33:25 -07:00
seccomp.c
seccomp: Fix setting loaded filter count during TSYNC
2021-08-18 08:59:06 +02:00
signal.c
task_work: unconditionally run task_work from get_signal()
2023-01-04 11:39:23 +01:00
smp.c
smp: Fix offline cpu check in flush_smp_call_function_queue()
2022-04-20 09:23:29 +02:00
smpboot.c
sched/core: Initialize the idle task with preemption disabled
2021-07-14 16:55:50 +02:00
smpboot.h
softirq.c
softirq: Add debug check to __raise_softirq_irqoff()
2020-09-16 15:18:56 +02:00
stackleak.c
gcc-plugins/stackleak: Use noinstr in favor of notrace
2022-02-23 12:01:00 +01:00
stacktrace.c
stacktrace: Remove reliable argument from arch_stack_walk() callback
2020-09-18 14:24:16 +01:00
static_call.c
static_call: Fix unused variable warn w/o MODULE
2021-09-08 08:49:00 +02:00
stop_machine.c
stop_machine, rcu: Mark functions as notrace
2020-10-26 12:12:27 +01:00
sys_ni.c
kernel/sys_ni: add compat entry for fadvise64_64
2022-08-31 17:15:13 +02:00
sys.c
kernel/sys.c: fix and improve control flow in __sys_setres[ug]id()
2023-04-26 11:27:38 +02:00
sysctl-test.c
sysctl.c
sysctl: Fix data-races in proc_dou8vec_minmax().
2023-04-20 12:10:29 +02:00
task_work.c
task_work: add helper for more targeted task_work canceling
2023-01-04 11:39:23 +01:00
taskstats.c
taskstats: move specifying netlink policy back to ops
2020-10-02 19:11:12 -07:00
test_kprobes.c
torture.c
torture: Dump ftrace at shutdown only if requested
2020-06-29 12:01:45 -07:00
tracepoint.c
tracepoint: Use rcu get state and cond sync for static call updates
2021-09-03 10:09:30 +02:00
tsacct.c
taskstats: Cleanup the use of task->exit_code
2022-01-27 10:54:33 +01:00
ucount.c
Revert "Add a reference to ucounts for each cred"
2021-09-08 08:49:00 +02:00
uid16.c
uid16.h
umh.c
usermodehelper: reset umask to default before executing user process
2020-10-06 10:31:52 -07:00
up.c
smp: Fix smp_call_function_single_async prototype
2021-05-14 09:50:46 +02:00
user_namespace.c
Revert "Add a reference to ucounts for each cred"
2021-09-08 08:49:00 +02:00
user-return-notifier.c
user.c
user.c: make uidhash_table static
2020-06-04 19:06:24 -07:00
usermode_driver.c
bpf: Fix umd memory leak in copy_process()
2021-03-30 14:32:03 +02:00
utsname_sysctl.c
utsname.c
nsproxy: add struct nsset
2020-05-09 13:57:12 +02:00
watch_queue.c
watch_queue: fix IOC_WATCH_QUEUE_SET_SIZE alloc error paths
2023-03-17 08:45:13 +01:00
watchdog_hld.c
watchdog.c
watchdog: export lockup_detector_reconfigure
2022-08-25 11:38:20 +02:00
workqueue_internal.h
workqueue.c
workqueue: don't skip lockdep work dependency in cancel_work_sync()
2022-09-28 11:10:40 +02:00