From patchwork Mon Sep 8 19:23:17 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Aaron Tomlin X-Patchwork-Id: 387033 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [103.22.144.68]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 184DB140192 for ; Tue, 9 Sep 2014 05:28:53 +1000 (EST) Received: from ozlabs.org (ozlabs.org [103.22.144.67]) by lists.ozlabs.org (Postfix) with ESMTP id F2BB91A19B7 for ; Tue, 9 Sep 2014 05:28:52 +1000 (EST) X-Original-To: linuxppc-dev@lists.ozlabs.org Delivered-To: linuxppc-dev@lists.ozlabs.org Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 80DB71A08D9 for ; Tue, 9 Sep 2014 05:25:47 +1000 (EST) Received: from int-mx09.intmail.prod.int.phx2.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id s88JP9TA025063 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Mon, 8 Sep 2014 15:25:09 -0400 Received: from localhost (ovpn-116-79.ams2.redhat.com [10.36.116.79]) by int-mx09.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id s88JP8bF018354; Mon, 8 Sep 2014 15:25:09 -0400 From: Aaron Tomlin To: peterz@infradead.org Subject: [PATCH 3/3] sched: BUG when stack end location is over written Date: Mon, 8 Sep 2014 20:23:17 +0100 Message-Id: <1410204197-31204-4-git-send-email-atomlin@redhat.com> In-Reply-To: <1410204197-31204-1-git-send-email-atomlin@redhat.com> References: <20140904161124.GD1436@atomlin.usersys.redhat.com> <1410204197-31204-1-git-send-email-atomlin@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.22 Cc: dzickus@redhat.com, jcastillo@redhat.com, riel@redhat.com, minchan@kernel.org, bmr@redhat.com, x86@kernel.org, oleg@redhat.com, rostedt@goodmis.org, linux-kernel@vger.kernel.org, hannes@cmpxchg.org, mingo@redhat.com, aneesh.kumar@linux.vnet.ibm.com, akpm@google.com, atomlin@redhat.com, tglx@linutronix.de, linuxppc-dev@lists.ozlabs.org, akpm@linux-foundation.org, pzijlstr@redhat.com X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org Sender: "Linuxppc-dev" Currently in the event of a stack overrun a call to schedule() does not check for this type of corruption. This corruption is often silent and can go unnoticed. However once the corrupted region is examined at a later stage, the outcome is undefined and often results in a sporadic page fault which cannot be handled. This patch checks for a stack overrun and takes appropriate action since the damage is already done, there is no point in continuing. Signed-off-by: Aaron Tomlin --- kernel/sched/core.c | 4 ++++ lib/Kconfig.debug | 12 ++++++++++++ 2 files changed, 16 insertions(+) diff --git a/kernel/sched/core.c b/kernel/sched/core.c index ec1a286..182b2d1 100644 --- a/kernel/sched/core.c +++ b/kernel/sched/core.c @@ -2660,6 +2660,10 @@ static noinline void __schedule_bug(struct task_struct *prev) */ static inline void schedule_debug(struct task_struct *prev) { +#ifdef CONFIG_SCHED_STACK_END_CHECK + if (unlikely(task_stack_end_corrupted(prev))) + BUG(); +#endif /* * Test if we are atomic. Since do_exit() needs to call into * schedule() atomically, we ignore that path. Otherwise whine diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug index a285900..2a8280a 100644 --- a/lib/Kconfig.debug +++ b/lib/Kconfig.debug @@ -824,6 +824,18 @@ config SCHEDSTATS application, you can say N to avoid the very slight overhead this adds. +config SCHED_STACK_END_CHECK + bool "Detect stack corruption on calls to schedule()" + depends on DEBUG_KERNEL + default y + help + This option checks for a stack overrun on calls to schedule(). + If the stack end location is found to be over written always panic as + the content of the corrupted region can no longer be trusted. + This is to ensure no erroneous behaviour occurs which could result in + data corruption or a sporadic crash at a later stage once the region + is examined. The runtime overhead introduced is minimal. + config TIMER_STATS bool "Collect kernel timers statistics" depends on DEBUG_KERNEL && PROC_FS