From 96bdd177a27d6b792d462c516035307d8414d803 Mon Sep 17 00:00:00 2001
From: Cheng Jian
Date: Mon, 28 Jan 2019 10:09:14 +0800
Subject: [PATCH] livepatch/arm64: fix sleeping function called from invalid context by use kzalloc
euler inclusion
category: bugfix
Bugzilla: 5507/5072
CVE: N/A
----------------------------------------
we use arch__klp_enable_func in atomic context to patched instruction arch__klp_enable_func -=> kzalloc(XXX, GFP_KERNEL) but it might_sleep here, when we enale an livepatch module, cause crash, use GFP_ATOMIC instead of GFP_KERNEL the call trace is like:
livepatch: enabling patch 'klp_testEL_HOTPATCH_ADDFUNTOMULTIFILE_FUN_001'
BUG: sleeping function called from invalid context at mm/slub.c:1287
in_atomic(): 1, irqs_disabled(): 128, pid: 13, name: migration/1
Preemption disabled at:[] smpboot_thread_fn+0x27c/0x2a4
CPU: 1 PID: 13 Comm: migration/1 Tainted: G W O K 4.4.159+ #3
Hardware name: hisilicon,hi1213-fpga (DT)
Call trace:
[] dump_backtrace+0x0/0x13c
[] show_stack+0x24/0x30
[] dump_stack+0x90/0xb0
[] ___might_sleep+0x18c/0x19c
[] __might_sleep+0x80/0x90
[] kmem_cache_alloc_trace+0x60/0x248
[] arch__klp_enable_func+0x70/0x144
[] klp_try_enable_patch+0x114/0x1e0
[] multi_cpu_stop+0xb0/0x104
[] cpu_stopper_thread+0xa0/0x130
[] smpboot_thread_fn+0x27c/0x2a4
[] kthread+0x114/0x11c
[] ret_from_fork+0x10/0x40
Signed-off-by: Cheng Jian
Reviewed-by: Li Bin
Signed-off-by: Yang Yingliang
---
 arch/arm64/kernel/livepatch.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/arm64/kernel/livepatch.c b/arch/arm64/kernel/livepatch.c
index 3ba7959ce0c9..e43afc787148 100644
--- a/arch/arm64/kernel/livepatch.c
+++ b/arch/arm64/kernel/livepatch.c
@@ -168,7 +168,7 @@ int arch_klp_patch_func(struct klp_func *func)
 func_node = klp_find_func_node(func->old_addr);
 if (!func_node) {
- func_node = kzalloc(sizeof(*func_node), GFP_KERNEL);
+ func_node = kzalloc(sizeof(*func_node), GFP_ATOMIC);
 if (!func_node) return -ENOMEM;
 memory_flag = 1;
-- 
GitLab
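Review bot: Switching the kzalloc() to GFP_ATOMIC silences the might_sleep splat but makes the `return -ENOMEM` on the following line a more likely outcome, since an atomic allocation cannot reclaim, and that failure now surfaces from inside the CPU-stopper callback (multi_cpu_stop → klp_try_enable_patch per the trace) where this hunk gives no view of how the caller unwinds a half-applied patch. Preallocating func_node with GFP_KERNEL before entering the stop-machine section and handing it in would take the allocation out of the non-sleeping context entirely, leaving only the instruction patching in the callback. If that restructuring is out of scope for a bugfix, the changed line deserves a why-comment such as `/* atomic: called under stop_machine(), GFP_KERNEL would sleep here */` so the next reader does not "fix" it back. The description names arch__klp_enable_func while the hunk context is arch_klp_patch_func; presumably the same function in this tree, but worth confirming. arch_klp_patch_func starts before and continues past the hunk.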