github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-16 02:52:26 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
b57af607da
linux/drivers
History
Rabin Vincent a35c9d6749 dm crypt: fix crash on exit 
commit f659b10087 upstream.

As the documentation for kthread_stop() says, "if threadfn() may call
do_exit() itself, the caller must ensure task_struct can't go away".
dm-crypt does not ensure this and therefore crashes when crypt_dtr()
calls kthread_stop().  The crash is trivially reproducible by adding a
delay before the call to kthread_stop() and just opening and closing a
dm-crypt device.

 general protection fault: 0000 [#1] PREEMPT SMP
 CPU: 0 PID: 533 Comm: cryptsetup Not tainted 4.8.0-rc7+ #7
 task: ffff88003bd0df40 task.stack: ffff8800375b4000
 RIP: 0010: kthread_stop+0x52/0x300
 Call Trace:
  crypt_dtr+0x77/0x120
  dm_table_destroy+0x6f/0x120
  __dm_destroy+0x130/0x250
  dm_destroy+0x13/0x20
  dev_remove+0xe6/0x120
  ? dev_suspend+0x250/0x250
  ctl_ioctl+0x1fc/0x530
  ? __lock_acquire+0x24f/0x1b10
  dm_ctl_ioctl+0x13/0x20
  do_vfs_ioctl+0x91/0x6a0
  ? ____fput+0xe/0x10
  ? entry_SYSCALL_64_fastpath+0x5/0xbd
  ? trace_hardirqs_on_caller+0x151/0x1e0
  SyS_ioctl+0x41/0x70
  entry_SYSCALL_64_fastpath+0x1f/0xbd

This problem was introduced by bcbd94ff48 ("dm crypt: fix a possible
hang due to race condition on exit").

Looking at the description of that patch (excerpted below), it seems
like the problem it addresses can be solved by just using
set_current_state instead of __set_current_state, since we obviously
need the memory barrier.

| dm crypt: fix a possible hang due to race condition on exit
|
| A kernel thread executes __set_current_state(TASK_INTERRUPTIBLE),
| __add_wait_queue, spin_unlock_irq and then tests kthread_should_stop().
| It is possible that the processor reorders memory accesses so that
| kthread_should_stop() is executed before __set_current_state().  If
| such reordering happens, there is a possible race on thread
| termination: [...]

So this patch just reverts the aforementioned patch and changes the
__set_current_state(TASK_INTERRUPTIBLE) to set_current_state(...).  This
fixes the crash and should also fix the potential hang.

Fixes: bcbd94ff48 ("dm crypt: fix a possible hang due to race condition on exit")
Cc: Mikulas Patocka <mpatocka@redhat.com>
Signed-off-by: Rabin Vincent <rabinv@axis.com>
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2016-10-28 03:01:28 -04:00
..
accessibility
acpi ACPICA: acpi_get_sleep_type_data: Reduce warnings 2016-10-07 15:23:48 +02:00
amba
android drivers: android: correct the size of struct binder_uintptr_t for BC_DEAD_BINDER_DONE 2016-03-03 15:07:10 -08:00
ata libata: LITE-ON CX1-JB256-HP needs lower max_sectors 2016-08-10 11:49:29 +02:00
atm
auxdisplay
base platform: don't return 0 from platform_get_irq[_byname]() on error 2016-10-28 03:01:26 -04:00
bcma x86/quirks: Add early quirk to reset Apple AirPort card 2016-08-10 11:49:24 +02:00
block nbd: ratelimit error msgs after socket close 2016-05-11 11:21:10 +02:00
bluetooth Bluetooth: Add support for Intel Bluetooth device 8265 [8087:0a2b] 2016-09-15 08:27:49 +02:00
bus bus: arm-ccn: Fix XP watchpoint settings bitmask 2016-09-24 10:07:40 +02:00
cdrom
char tpm_crb: fix crb_req_canceled behavior 2016-10-16 17:36:15 +02:00
clk clk: imx6: initialize GPU clocks 2016-10-28 03:01:26 -04:00
clocksource clocksource/drivers/sun4i: Clear interrupts after stopping timer in probe function 2016-09-24 10:07:35 +02:00
connector connector: bump skb->users before callback invocation 2016-01-04 21:46:45 -05:00
cpufreq cpufreq: intel_pstate: Fix unsafe HWP MSR access 2016-10-28 03:01:26 -04:00
cpuidle ARM: cpuidle: Fix error return code 2016-10-16 17:36:15 +02:00
crypto crypto: vmx - Fix memory corruption caused by p8_ghash 2016-10-22 12:26:56 +02:00
dca
devfreq
dio
dma dmaengine: at_xdmac: fix to pass correct device identity to free_irq() 2016-10-07 15:23:46 +02:00
dma-buf
edac EDAC: Increment correct counter in edac_inc_ue_error() 2016-09-07 08:32:41 +02:00
eisa
extcon extcon: max77843: Use correct size for reading the interrupt register 2016-05-04 14:48:54 -07:00
firewire IEEE 1394 subsystem patch: 2015-11-11 10:21:34 -08:00
firmware efi: Expose non-blocking set_variable() wrapper to efivars 2016-05-04 14:48:49 -07:00
fmc
fpga fpga manager: Fix firmware resource leak on error 2015-11-24 15:25:46 -08:00
gpio gpio: mpc8xxx: Correct irq handler function 2016-10-28 03:01:25 -04:00
gpu drm/radeon/si/dpm: add workaround for for Jet parts 2016-10-07 15:23:40 +02:00
hid HID: core: prevent out-of-bound readings 2016-09-15 08:27:48 +02:00
hsi
hv drivers:hv: Lock access to hyperv_mmio resource tree 2016-09-15 08:27:50 +02:00
hwmon hwmon: (adt7411) set bit 3 in CFG1 register 2016-10-07 15:23:42 +02:00
hwspinlock drivers/hwspinlock: fix race between radix tree insertion and lookup 2016-02-25 12:01:23 -08:00
hwtracing intel_th: Fix a deadlock in modprobing 2016-08-10 11:49:30 +02:00
i2c i2c: qup: skip qup_i2c_suspend if the device is already runtime suspended 2016-09-30 10:18:38 +02:00
ide
idle intel_idle: Support for Intel Xeon Phi Processor x200 Product Family 2016-09-15 08:27:46 +02:00
iio include/linux/kernel.h: change abs() macro so it uses consistent return type 2016-09-30 10:18:33 +02:00
infiniband IB/mlx4: Use correct subnet-prefix in QP1 mads under SR-IOV 2016-10-07 15:23:47 +02:00
input Input: xpad - move pending clear to the correct location 2016-09-15 08:27:48 +02:00
iommu Add braces to avoid "ambiguous ‘else’" compiler warnings 2016-09-30 10:18:35 +02:00
ipack
irqchip irqchip/gicv3: Silence noisy DEBUG_PER_CPU_MAPS warning 2016-10-07 15:23:42 +02:00
isdn ser_gigaset: remove unnecessary kfree() calls from release method 2015-12-15 13:24:21 -05:00
leds
lguest
lightnvm lightnvm: put bio before return 2016-09-24 10:07:35 +02:00
macintosh
mailbox
mcb mcb: Fixed bar number assignment for the gdd 2016-06-01 12:15:53 -07:00
md dm crypt: fix crash on exit 2016-10-28 03:01:28 -04:00
media gspca: avoid unused variable warnings 2016-10-07 15:23:45 +02:00
memory memory: omap-gpmc: Fix omap gpmc EXTRADELAY timing 2016-07-27 09:47:35 -07:00
memstick
message SCSI queue for 4.4. 2015-11-12 07:06:18 -05:00
mfd mfd: wm8350-i2c: Make sure the i2c regmap functions are compiled 2016-10-16 17:36:14 +02:00
misc mei: me: add kaby point device ids 2016-10-28 03:01:25 -04:00
mmc mmc: sdhci: cast unsigned int to unsigned long long to avoid unexpeted error 2016-10-28 03:01:26 -04:00
mtd mtd: nand: davinci: Reinitialize the HW ECC engine in 4bit hwctl 2016-10-07 15:23:40 +02:00
net rtlwifi: Fix missing country code for Great Britain 2016-10-28 03:01:26 -04:00
nfc NFC: fdp: Detect errors from fdp_nci_create_conn() 2016-10-07 15:23:44 +02:00
ntb
nubus
nvdimm libnvdimm, pfn: fix uuid validation 2016-04-20 15:41:54 +09:00
nvme nvme: Call pci_disable_device on the error path. 2016-09-15 08:27:51 +02:00
nvmem nvmem: mxs-ocotp: fix buffer overflow in read 2016-05-11 11:21:21 +02:00
of of: fix reference counting in of_graph_get_endpoint_by_regs 2016-09-07 08:32:41 +02:00
oprofile
parisc parisc iommu: fix panic due to trying to allocate too large region 2015-12-12 16:07:25 +01:00
parport
pci PCI: Mark Atheros AR9580 to avoid bus reset 2016-10-28 03:01:26 -04:00
pcmcia pcmcia: db1xxx_ss: fix last irq_to_gpio user 2016-04-20 15:42:09 +09:00
perf drivers/perf: arm_pmu: Fix leak in error path 2016-10-07 15:23:41 +02:00
phy phy: core: fix wrong err handle for phy_power_on 2016-03-03 15:07:28 -08:00
pinctrl pinctrl: uniphier: fix .pin_dbg_show() callback 2016-10-07 15:23:41 +02:00
platform mfd: cros_ec: Add cros_ec_cmd_xfer_status() helper 2016-09-07 08:32:43 +02:00
pnp PNP: Add Broadwell to Intel MCH size workaround 2016-08-16 09:30:48 +02:00
power power: supply: max17042_battery: fix model download bug. 2016-09-30 10:18:39 +02:00
powercap powercap / RAPL: fix BIOS lock check 2015-12-12 02:31:11 +01:00
pps pps: do not crash when failed to register 2016-08-10 11:49:25 +02:00
ps3
ptp
pwm pwm: Mark all devices as "might sleep" 2016-09-30 10:18:37 +02:00
rapidio
ras
regulator regulator: tps65910: Work around silicon erratum SWCZ010 2016-10-28 03:01:25 -04:00
remoteproc remoteproc: Fix potential race condition in rproc_add 2016-08-20 18:09:20 +02:00
reset
rpmsg
rtc rtc: s3c: Add s3c_rtc_{enable/disable}_clk in s3c_rtc_setfreq() 2016-08-20 18:09:27 +02:00
s390 s390/sclp_ctl: fix potential information leak with /dev/sclp 2016-09-15 08:27:51 +02:00
sbus
scsi scsi: ibmvfc: Fix I/O hang when port is not mapped 2016-10-22 12:26:56 +02:00
sfi
sh drivers: sh: Restore legacy clock domain on SuperH platforms 2016-03-09 15:34:49 -08:00
sn
soc soc: qcom/spm: shut up uninitialized variable warning 2016-09-24 10:07:42 +02:00
spi spi: sh-msiof: Avoid invalid clock generator parameters 2016-10-07 15:23:42 +02:00
spmi
ssb
staging Staging: fbtft: Fix bug in fbtft-core 2016-10-07 15:23:47 +02:00
target target: Fix ordered task CHECK_CONDITION early exception handling 2016-08-20 18:09:26 +02:00
tc
thermal thermal: cpu_cooling: fix improper order during initialization 2016-07-27 09:47:29 -07:00
thunderbolt thunderbolt: Fix double free of drom buffer 2016-06-01 12:15:53 -07:00
tty serial: 8250_dw: Check the data->pclk when get apb_pclk 2016-10-22 12:26:54 +02:00
uio
usb Revert "usbtmc: convert to devm_kzalloc" 2016-10-07 15:23:47 +02:00
uwb
vfio vfio/pci: Fix NULL pointer oops in error interrupt setup handling 2016-09-07 08:32:37 +02:00
vhost vhost/scsi: fix reuse of &vq->iov[out] in response 2016-09-15 08:27:53 +02:00
video fbdev: da8xx-fb: fix videomodes of lcd panels 2016-05-04 14:48:51 -07:00
virt
virtio virtio: fix memory leak in virtqueue_add() 2016-09-07 08:32:36 +02:00
vlynq
vme
w1 w1:omap_hdq: fix regression 2016-08-20 18:09:22 +02:00
watchdog watchdog: rc32434_wdt: fix ioctl error handling 2016-04-12 09:08:54 -07:00
xen xenbus: don't bail early from xenbus_dev_request_and_reply() 2016-08-10 11:49:26 +02:00
zorro
Kconfig
Makefile null_blk: register as a LightNVM device 2015-11-16 15:22:28 -07:00