[Devel] [PATCH RHEL7 COMMIT] ms/fs/proc/base.c: fix GPF in /proc/$PID/map_files

Konstantin Khorenko khorenko at virtuozzo.com
Mon Jul 17 17:47:05 MSK 2017 

Please, consider to prepare a ReadyKernel patch for it.

https://readykernel.com/

--
Best regards,

Konstantin Khorenko,
Virtuozzo Linux Kernel Team

On 07/17/2017 05:43 PM, Konstantin Khorenko wrote:
> The commit is pushed to "branch-rh7-3.10.0-514.26.1.vz7.33.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
> after rh7-3.10.0-514.26.1.vz7.33.8
> ------>
> commit 730f6e763886c63ec8657659c2a444b1839b0954
> Author: Artem Fetishev <artem_fetishev at epam.com>
> Date:   Mon Jul 17 18:43:53 2017 +0400
>
>     ms/fs/proc/base.c: fix GPF in /proc/$PID/map_files
>
>     The expected logic of proc_map_files_get_link() is either to return 0
>     and initialize 'path' or return an error and leave 'path' uninitialized.
>
>     By the time dname_to_vma_addr() returns 0 the corresponding vma may have
>     already be gone.  In this case the path is not initialized but the
>     return value is still 0.  This results in 'general protection fault'
>     inside d_path().
>
>     Steps to reproduce:
>
>       CONFIG_CHECKPOINT_RESTORE=y
>
>         fd = open(...);
>         while (1) {
>             mmap(fd, ...);
>             munmap(fd, ...);
>         }
>
>       ls -la /proc/$PID/map_files
>
>     Addresses https://bugzilla.kernel.org/show_bug.cgi?id=68991
>
>     https://jira.sw.ru/browse/PSBM-68472
>
>     Signed-off-by: Artem Fetishev <artem_fetishev at epam.com>
>     Signed-off-by: Aleksandr Terekhov <aleksandr_terekhov at epam.com>
>     Reported-by: <wiebittewas at gmail.com>
>     Acked-by: Pavel Emelyanov <xemul at parallels.com>
>     Acked-by: Cyrill Gorcunov <gorcunov at openvz.org>
>     Reviewed-by: "Eric W. Biederman" <ebiederm at xmission.com>
>     Cc: <stable at vger.kernel.org>
>     Signed-off-by: Andrew Morton <akpm at linux-foundation.org>
>     Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
>
>     ms commit: 70335ab ("fs/proc/base.c: fix GPF in /proc/$PID/map_files")
>
>     Signed-off-by: Stanislav Kinsburskiy <skinsbursky at virtuozzo.com>
> ---
>  fs/proc/base.c | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/fs/proc/base.c b/fs/proc/base.c
> index 0af670c..291e503 100644
> --- a/fs/proc/base.c
> +++ b/fs/proc/base.c
> @@ -2028,6 +2028,7 @@ static int proc_map_files_get_link(struct dentry *dentry, struct path *path)
>  	if (rc)
>  		goto out_mmput;
>
> +	rc = -ENOENT;
>  	down_read(&mm->mmap_sem);
>  	vma = find_exact_vma(mm, vm_start, vm_end);
>  	if (vma && vma->vm_file) {
> .
>

More information about the Devel mailing list