From: Hiroshi Shimamoto <[email protected]>
Impact: fix
When recursion_bug is true, kernel discards original message because printk_buf
contains recursion_bug_msg with NULL terminator. The sizeof(recursion_bug_msg)
makes this, use strlen() to get correct length without NULL terminator.
Reported-by: Toshikazu Nakayama <[email protected]>
Signed-off-by: Hiroshi Shimamoto <[email protected]>
---
kernel/printk.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/kernel/printk.c b/kernel/printk.c
index f492f15..e651ab0 100644
--- a/kernel/printk.c
+++ b/kernel/printk.c
@@ -662,7 +662,7 @@ asmlinkage int vprintk(const char *fmt, va_list args)
if (recursion_bug) {
recursion_bug = 0;
strcpy(printk_buf, recursion_bug_msg);
- printed_len = sizeof(recursion_bug_msg);
+ printed_len = strlen(recursion_bug_msg);
}
/* Emit the output into the temporary buffer */
printed_len += vscnprintf(printk_buf + printed_len,
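Review bot: The changed line `printed_len = strlen(recursion_bug_msg);` carries no comment saying why the terminator must be excluded, and the removed `sizeof` line shows how easily this mistake can come back. Suggest a one-line comment above the assignment noting that the vscnprintf() call below writes at printk_buf + printed_len, so printed_len has to index the terminator that strcpy() left behind. If recursion_bug_msg is an array, as the old sizeof usage and the commit message imply, `sizeof(recursion_bug_msg) - 1` gives the same value as a compile-time constant; either form works once the intent is documented.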
--
1.6.0.4
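The effect described in the commit message can be reproduced in userspace. The following is an added example, not code from the patch or from the kernel: `bug_msg`, `format_after_prefix()` and the sample message are constructed stand-ins, `vsnprintf()` replaces the kernel's `vscnprintf()`, and the consumer is assumed to read the buffer up to the first terminator.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the kernel's recursion_bug_msg (text is assumed). */
static const char bug_msg[] = "BUG: recent printk recursion!\n";

enum prefix_len { WITH_SIZEOF, WITH_STRLEN };

/*
 * Hypothetical userspace model of the vprintk() prefix step: copy the
 * prefix, then format the caller's message at buf + printed_len.
 * Returns the number of bytes a NUL-terminated consumer would emit.
 */
static size_t format_after_prefix(char *buf, size_t size, enum prefix_len mode,
                                  const char *fmt, ...)
{
    va_list args;
    size_t printed_len;

    if (size <= sizeof(bug_msg))
        return 0;               /* no room for prefix plus any message */

    strcpy(buf, bug_msg);
    /* sizeof counts the terminator, so the message lands after a NUL. */
    printed_len = (mode == WITH_SIZEOF) ? sizeof(bug_msg) : strlen(bug_msg);

    va_start(args, fmt);
    vsnprintf(buf + printed_len, size - printed_len, fmt, args);
    va_end(args);

    /* A consumer that walks the buffer until '\0' sees only this much. */
    return strlen(buf);
}

int main(void)
{
    char buf[128];
    size_t n;

    n = format_after_prefix(buf, sizeof(buf), WITH_SIZEOF, "disk %d failed\n", 3);
    printf("sizeof: %zu bytes visible: %s", n, buf);
    n = format_after_prefix(buf, sizeof(buf), WITH_STRLEN, "disk %d failed\n", 3);
    printf("strlen: %zu bytes visible: %s", n, buf);
    return 0;
}
```

With the `sizeof` length the caller's message is still in the buffer, one byte past the terminator, which is why a length-unaware reader drops it silently instead of failing.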
* Hiroshi Shimamoto <[email protected]> wrote:
> From: Hiroshi Shimamoto <[email protected]>
>
> Impact: fix
>
> When recursion_bug is true, kernel discards original message because printk_buf
> contains recursion_bug_msg with NULL terminator. The sizeof(recursion_bug_msg)
> makes this, use strlen() to get correct length without NULL terminator.
>
> Reported-by: Toshikazu Nakayama <[email protected]>
> Signed-off-by: Hiroshi Shimamoto <[email protected]>
> ---
> kernel/printk.c | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
Good one - applied to tip/core/printk, thanks!
Btw., i'm curious: in what situation was such recursion observed, and how
did the kernel behave? You saw a truncated recursion message in dmesg - or
was it worse?
Ingo
Ingo Molnar wrote:
> * Hiroshi Shimamoto <[email protected]> wrote:
>
>> From: Hiroshi Shimamoto <[email protected]>
>>
>> Impact: fix
>>
>> When recursion_bug is true, kernel discards original message because printk_buf
>> contains recursion_bug_msg with NULL terminator. The sizeof(recursion_bug_msg)
>> makes this, use strlen() to get correct length without NULL terminator.
>>
>> Reported-by: Toshikazu Nakayama <[email protected]>
>> Signed-off-by: Hiroshi Shimamoto <[email protected]>
>> ---
>> kernel/printk.c | 2 +-
>> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> Good one - applied to tip/core/printk, thanks!
>
> Btw., i'm curious: in what situation was such recursion observed, and how
> did the kernel behave? You saw a truncated recursion message in dmesg - or
> was it worse?
I'm not sure about the real situation. I've heard this issue was found in
printing messages in NMI handler, maybe with artificial kernel stuck.
Thanks,
Hiroshi
* Hiroshi Shimamoto <[email protected]> wrote:
> Ingo Molnar wrote:
> > * Hiroshi Shimamoto <[email protected]> wrote:
> >
> >> From: Hiroshi Shimamoto <[email protected]>
> >>
> >> Impact: fix
> >>
> >> When recursion_bug is true, kernel discards original message because printk_buf
> >> contains recursion_bug_msg with NULL terminator. The sizeof(recursion_bug_msg)
> >> makes this, use strlen() to get correct length without NULL terminator.
> >>
> >> Reported-by: Toshikazu Nakayama <[email protected]>
> >> Signed-off-by: Hiroshi Shimamoto <[email protected]>
> >> ---
> >> kernel/printk.c | 2 +-
> >> 1 files changed, 1 insertions(+), 1 deletions(-)
> >
> > Good one - applied to tip/core/printk, thanks!
> >
> > Btw., i'm curious: in what situation was such recursion observed, and how
> > did the kernel behave? You saw a truncated recursion message in dmesg - or
> > was it worse?
>
> I'm not sure about the real situation. I've heard this issue was found
> in printing messages in NMI handler, maybe with artificial kernel stuck.
yeah, accidental NMI recursion back into printk could indeed cause the
recursion message to pop up.
Ingo