On Sun, Aug 10, 2014 at 8:50 PM, Guenter Roeck <[email protected]> wrote: > Current upstream kernel hangs with mips and powerpc targets in > uniprocessor mode if SECCOMP is configured. > > Bisect points to commit dbd952127d11 ("seccomp: introduce writer locking"). > Turns out that code such as > BUG_ON(!spin_is_locked(&list_lock)); > can not be used in uniprocessor mode because spin_is_locked() always > returns false in this configuration, and that assert_spin_locked() > exists for that very purpose and must be used instead. > > Fixes: dbd952127d11 ("seccomp: introduce writer locking") > Cc: Kees Cook <[email protected]> > Signed-off-by: Guenter Roeck <[email protected]>
Applied, thanks! Should be visible here shortly: http://git.kernel.org/cgit/linux/kernel/git/kees/linux.git/log/?h=seccomp/tip -Kees > --- > kernel/fork.c | 2 +- > kernel/seccomp.c | 10 +++++----- > 2 files changed, 6 insertions(+), 6 deletions(-) > > diff --git a/kernel/fork.c b/kernel/fork.c > index 1380d8a..0cf9cdb 100644 > --- a/kernel/fork.c > +++ b/kernel/fork.c > @@ -1105,7 +1105,7 @@ static void copy_seccomp(struct task_struct *p) > * needed because this new task is not yet running and cannot > * be racing exec. > */ > - BUG_ON(!spin_is_locked(¤t->sighand->siglock)); > + assert_spin_locked(¤t->sighand->siglock); > > /* Ref-count the new filter user, and assign it. */ > get_seccomp_filter(current); > diff --git a/kernel/seccomp.c b/kernel/seccomp.c > index 25b0043..44eb005 100644 > --- a/kernel/seccomp.c > +++ b/kernel/seccomp.c > @@ -203,7 +203,7 @@ static u32 seccomp_run_filters(int syscall) > > static inline bool seccomp_may_assign_mode(unsigned long seccomp_mode) > { > - BUG_ON(!spin_is_locked(¤t->sighand->siglock)); > + assert_spin_locked(¤t->sighand->siglock); > > if (current->seccomp.mode && current->seccomp.mode != seccomp_mode) > return false; > @@ -214,7 +214,7 @@ static inline bool seccomp_may_assign_mode(unsigned long > seccomp_mode) > static inline void seccomp_assign_mode(struct task_struct *task, > unsigned long seccomp_mode) > { > - BUG_ON(!spin_is_locked(&task->sighand->siglock)); > + assert_spin_locked(&task->sighand->siglock); > > task->seccomp.mode = seccomp_mode; > /* > @@ -253,7 +253,7 @@ static inline pid_t seccomp_can_sync_threads(void) > struct task_struct *thread, *caller; > > BUG_ON(!mutex_is_locked(¤t->signal->cred_guard_mutex)); > - BUG_ON(!spin_is_locked(¤t->sighand->siglock)); > + assert_spin_locked(¤t->sighand->siglock); > > /* Validate all threads being eligible for synchronization. */ > caller = current; > @@ -294,7 +294,7 @@ static inline void seccomp_sync_threads(void) > struct task_struct *thread, *caller; > > BUG_ON(!mutex_is_locked(¤t->signal->cred_guard_mutex)); > - BUG_ON(!spin_is_locked(¤t->sighand->siglock)); > + assert_spin_locked(¤t->sighand->siglock); > > /* Synchronize all threads. */ > caller = current; > @@ -464,7 +464,7 @@ static long seccomp_attach_filter(unsigned int flags, > unsigned long total_insns; > struct seccomp_filter *walker; > > - BUG_ON(!spin_is_locked(¤t->sighand->siglock)); > + assert_spin_locked(¤t->sighand->siglock); > > /* Validate resulting filter length. */ > total_insns = filter->prog->len; > -- > 1.9.1 > -- Kees Cook Chrome OS Security -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
