On 31.10.2015 08:43, Andy Lutomirski wrote:
> On Fri, Oct 30, 2015 at 6:44 PM, Andy Lutomirski <l...@amacapital.net> wrote:
>> Hi all-
>>
>> In 4.3-rc7, running dosemu2 (https://github.com/stsp/dosemu2/) oopses
>> the system very quickly, as long as CONFIG_VM86=y.  It blows up
>> because snd_seq_delete_port walks ports_list_head, finds two valid
>> ports, and then starts finding obviously invalid pointers in the list.
>>
>> git bisect blames:
>>
>> commit 5ed92a8ab71f8865ba07811429c988c72299b315
>> Author: Brian Gerst <brge...@gmail.com>
>> Date:   Wed Jul 29 01:41:19 2015 -0400
>>
>>      x86/vm86: Use the normal pt_regs area for vm86
>>
>> I haven't spotted the problem yet.  It seems to happen when
>> task_work_run fires in get_signal, which happens before
>> save_v86_state.  I'm not entirely sure what causes task work to be
>> scheduled at all while in v86 land.  Could we somehow be processing
>> task_work later than we should?
>
> Nope, the bug has nothing to do with task_work.  Patches sent.
Andy, thanks for finally fixing this attack surface!
So after all, the comments you put into Kconfig were justified.
Now I can seriously consider the dosemu2-specific vm86-light.
Having the machine crash was not a good starting point for
the clean-ups.
Also there is an interesting thread here:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1499089
I wonder if they are affected now by that bug or not...