| From 1a0aa991a6274161c95a844c58cfb801d681eb59 Mon Sep 17 00:00:00 2001 |
| From: Masami Hiramatsu <mhiramat@kernel.org> |
| Date: Tue, 12 May 2020 17:02:56 +0900 |
| Subject: kprobes: Fix to protect kick_kprobe_optimizer() by kprobe_mutex |
| |
| From: Masami Hiramatsu <mhiramat@kernel.org> |
| |
| commit 1a0aa991a6274161c95a844c58cfb801d681eb59 upstream. |
| |
| In kprobe_optimizer() kick_kprobe_optimizer() is called |
| without kprobe_mutex, but this can race with other caller |
| which is protected by kprobe_mutex. |
| |
| To fix that, expand kprobe_mutex protected area to protect |
| kick_kprobe_optimizer() call. |
| |
| Link: http://lkml.kernel.org/r/158927057586.27680.5036330063955940456.stgit@devnote2 |
| |
| Fixes: cd7ebe2298ff ("kprobes: Use text_poke_smp_batch for optimizing") |
| Cc: Ingo Molnar <mingo@kernel.org> |
| Cc: "Gustavo A . R . Silva" <gustavoars@kernel.org> |
| Cc: Anders Roxell <anders.roxell@linaro.org> |
| Cc: "Naveen N . Rao" <naveen.n.rao@linux.ibm.com> |
| Cc: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com> |
| Cc: David Miller <davem@davemloft.net> |
| Cc: Ingo Molnar <mingo@elte.hu> |
| Cc: Peter Zijlstra <peterz@infradead.org> |
| Cc: Ziqian SUN <zsun@redhat.com> |
| Cc: stable@vger.kernel.org |
| Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org> |
| Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| |
| --- |
| kernel/kprobes.c | 3 ++- |
| 1 file changed, 2 insertions(+), 1 deletion(-) |
| |
| --- a/kernel/kprobes.c |
| +++ b/kernel/kprobes.c |
| @@ -599,11 +599,12 @@ static void kprobe_optimizer(struct work |
| mutex_unlock(&module_mutex); |
| mutex_unlock(&text_mutex); |
| cpus_read_unlock(); |
| - mutex_unlock(&kprobe_mutex); |
| |
| /* Step 5: Kick optimizer again if needed */ |
| if (!list_empty(&optimizing_list) || !list_empty(&unoptimizing_list)) |
| kick_kprobe_optimizer(); |
| + |
| + mutex_unlock(&kprobe_mutex); |
| } |
| |
| /* Wait for completing optimization and unoptimization */ |
