Received: by 2002:a5b:505:0:0:0:0:0 with SMTP id o5csp3393469ybp; Sun, 6 Oct 2019 10:58:04 -0700 (PDT) X-Google-Smtp-Source: APXvYqz18KAq7ptMMrxzXpc45e00OlhKmXsUfCfrh7l6HSaqO6DV/cl2zqPEsDQgt7qRgCgqqMsN X-Received: by 2002:a17:906:d97a:: with SMTP id rp26mr21126707ejb.251.1570384684462; Sun, 06 Oct 2019 10:58:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1570384684; cv=none; d=google.com; s=arc-20160816; b=Q4d/Z+63pbK0i2WIapT6a0XmeFL2YXKX8va7Gm1wkFuq/1cIY9GqVxs4ffsD9NUzgu DfNlN17qAHrxQveh4W7po32s1nkv8KTtLb0BNQm8mxyFV0+S8pkXasFoOPtRFIjfMaqa IkOzHtDy3uzefUYGyvoroFDoymUdTzZ21ZX5Hj+azqvvMIBw+HGQj0caTzFUbr4BY8Hi UOJUf3ATMNyhLtRhA9d7RyvxC4LPHkBpAO5WIa3YpgqIdvl8rpSKG34xsV4j/GbC4SMx 6nwuNioPL2wLzR8NHhFsYSzvgyXlu2an3Rp/MOsmSOU8srvn2awpspVZkKeCPUiKP/Bl 8nYA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=kg+If6Ngg+yKAu4SwXpcqLfZ3pLMSm/0nwOd3WqNQVs=; b=hT0vaALakedJUVsBhFhXA+4XSGSnZcakXumOL2Li/sxo3yA4xJ/CIcS+X6ZVlsNzTq DXlECpgJXCncnoE0DMKruTtSYKV+FDdi3p1T9kLV4XqD0En0bQKsYH7rYqJKFHKXEH8Q +bDB+OsAHBKlGinllH1tteMZS5KBCr74LnREMoq5BO9ei7PLnfWm75/b59bzfQJcYdwr dcSGrcGkvQLV7nbVmUGDv9+1JuHzNhecSf1GhksivdiSOQF21keA1/VJdkXR+RwB3CjL V2MRXMtZtfWsAvf+DJnNDOoCBq6uw/LEXFGTqLk0ixsu6ZSAkvNFtZ8MEIlw3y7hV8K0 1JzQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=ouCm3WsE; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k32si6950996ede.244.2019.10.06.10.57.41; Sun, 06 Oct 2019 10:58:04 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=ouCm3WsE; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727628AbfJFRzV (ORCPT + 99 others); Sun, 6 Oct 2019 13:55:21 -0400 Received: from mail.kernel.org ([198.145.29.99]:51346 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727404AbfJFRy3 (ORCPT ); Sun, 6 Oct 2019 13:54:29 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 32E252246B; Sun, 6 Oct 2019 17:46:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1570383973; bh=2xcT+VGmJXBcuipPn6QtCUyE9RS/qI0oh11nGPw+dAQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=ouCm3WsE5otx4NjaNk2/mVubec2abd6xE7Hapi8sFn0/WYDpF0FH7aU3bNOOr3G0f OJ1Ys4Tlc6EIDcdbBmwO+5nbW+UMBMcXbXhLOxBdggp9y5xivugTGbuHb8Z/ntBEUH 3ydrUnGtXbmADV4H7x3hbnmEn2lOA6HYD3kXXBs0= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Tetsuo Handa , syzbot , Eric Biederman , Andrew Morton , Linus Torvalds Subject: [PATCH 5.3 163/166] kexec: bail out upon SIGKILL when allocating memory. Date: Sun, 6 Oct 2019 19:22:09 +0200 Message-Id: <20191006171226.582324852@linuxfoundation.org> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20191006171212.850660298@linuxfoundation.org> References: <20191006171212.850660298@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Tetsuo Handa commit 7c3a6aedcd6aae0a32a527e68669f7dd667492d1 upstream. syzbot found that a thread can stall for minutes inside kexec_load() after that thread was killed by SIGKILL [1]. It turned out that the reproducer was trying to allocate 2408MB of memory using kimage_alloc_page() from kimage_load_normal_segment(). Let's check for SIGKILL before doing memory allocation. [1] https://syzkaller.appspot.com/bug?id=a0e3436829698d5824231251fad9d8e998f94f5e Link: http://lkml.kernel.org/r/993c9185-d324-2640-d061-bed2dd18b1f7@I-love.SAKURA.ne.jp Signed-off-by: Tetsuo Handa Reported-by: syzbot Cc: Eric Biederman Reviewed-by: Andrew Morton Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds Signed-off-by: Greg Kroah-Hartman --- kernel/kexec_core.c | 2 ++ 1 file changed, 2 insertions(+) --- a/kernel/kexec_core.c +++ b/kernel/kexec_core.c @@ -300,6 +300,8 @@ static struct page *kimage_alloc_pages(g { struct page *pages; + if (fatal_signal_pending(current)) + return NULL; pages = alloc_pages(gfp_mask & ~__GFP_ZERO, order); if (pages) { unsigned int count, i;