Commit d5996b2f authored Jan 15, 2011 by Russell King

ARM: fix /proc/$PID/stack on SMP



Rabin Vincent reports:
| On SMP, this BUG() in save_stack_trace_tsk() can be easily triggered
| from user space by reading /proc/$PID/stack, where $PID is any pid but
| the current process:
|
|	if (tsk != current) {
| #ifdef CONFIG_SMP
|		/*
|		 * What guarantees do we have here that 'tsk'
|		 * is not running on another CPU?
|		 */
|		BUG();
| #else

Fix this by replacing the BUG() with an entry to terminate the stack
trace, returning an empty trace - I'd rather not expose the dwarf
unwinder to a volatile stack of a running thread.

Reported-by: Rabin Vincent <rabin@rab.in>
Tested-by: Rabin Vincent <rabin@rab.in>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>

parent 671289c2

arch/arm/kernel/stacktrace.c

+6 −3

Original line number	Diff line number	Diff line
		@@ -94,10 +94,13 @@ void save_stack_trace_tsk(struct task_struct tsk, struct stack_trace trace)
		if (tsk != current) {
		#ifdef CONFIG_SMP
		/*
		* What guarantees do we have here that 'tsk'
		* is not running on another CPU?
		* What guarantees do we have here that 'tsk' is not
		* running on another CPU? For now, ignore it as we
		* can't guarantee we won't explode.
		*/
		BUG();
		if (trace->nr_entries < trace->max_entries)
		trace->entries[trace->nr_entries++] = ULONG_MAX;
		return;
		#else
		data.no_sched_functions = 1;
		frame.fp = thread_saved_fp(tsk);