Received: by 2002:a5b:505:0:0:0:0:0 with SMTP id o5csp3393869ybp; Sun, 6 Oct 2019 10:58:44 -0700 (PDT) X-Google-Smtp-Source: APXvYqwXZU+FkofggRoR6PS9Su8T9DYdjzSQ7bOEgvBIvgaObs04s57WCApLlHnPcwL7+01jx89/ X-Received: by 2002:a17:906:7294:: with SMTP id b20mr19925385ejl.216.1570384723898; Sun, 06 Oct 2019 10:58:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1570384723; cv=none; d=google.com; s=arc-20160816; b=C4z5rYoUoePVP4AM9wNT8aWc6GeDt/102ohm5fj26cxbXd1MQNXst91AYl6Au0w+lN zHsdxPd32Mrfd/dx8sVkaoYqbiOsgw59DCCU0u+7uc7ySPYSU2EM43ro2QP9sJ7z0e0z zf8nh54hIwex03xuANtcpkPElgJ1/To1rH6EwWiYILVJeDKL2psR1Cf71LLiJyT8WJdu P2Vvf+clE1EbZdUXUoQa7H0Mxi3RMRMi7U3Ddsbs5YaZ0l+IFc2dWn2xgKdakfkp8Wpd i/9BOJw2Fdc0NoyQ5jOT0v2NUgRisXFmYkWGtuxCDQWAQO4U2ZdjHnp1oJrNMvOSQXwu mmOw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=StPAMYALLhavzV8ME7aHrGBO4PRk9tiFE9YijjF354I=; b=ywdJqm1pyVQhZQ9UETOluVEBwria4/pvlps6Qs25mwio4WbLRbCKRbzks7puJ1peF7 Nrirxf3wq1HQeBURIaujKQItDy4IQlsZeXPhD80Jfb0AMrOgtaGhiKC1mqAr6caT66MJ v79cVOgJioHZg3BEmxA3nyfNCOCqeSEdIYV6oWsunNAzb8+R0Wa97UM0LhNReGZAnqET 9t3DlqZ/d4DvAN6NcRgWUtRScPwY3sfmHrlCfUaVoOydPNDEbMvtTT3VlmBu7Xwx77It q3JDMjVVumlpRPbt5TzFazdNZ8tkujZc25NyCwjZ1i0/pB6h/wTfgZrUnAMmANpL5s6V ztpw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=IiwILHY4; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w18si7299078eda.445.2019.10.06.10.58.20; Sun, 06 Oct 2019 10:58:43 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=IiwILHY4; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729596AbfJFRce (ORCPT + 99 others); Sun, 6 Oct 2019 13:32:34 -0400 Received: from mail.kernel.org ([198.145.29.99]:59020 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729587AbfJFRcc (ORCPT ); Sun, 6 Oct 2019 13:32:32 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 2A0F52080F; Sun, 6 Oct 2019 17:32:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1570383151; bh=Ffas5AgijVqWvr/TSM4XOh15N+KI9nuJSQvvBxjlz8c=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=IiwILHY42ZTXfaumbrB+lrP7yv4Ga0fiZSMXAydkU1rC2vMpXvLWavdx5o2t1ler8 8jV7eYkcJ2okmJ8jiV0jw0WL91GwKs7wN4R3ABT0KXCGV6VUKTsn3NxLcHJ+Znl8kJ KlaE+CA3vtNtezK2aNRgvyJRyqoSWDiSnKIs0nvc= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Tetsuo Handa , syzbot , Eric Biederman , Andrew Morton , Linus Torvalds Subject: [PATCH 4.19 105/106] kexec: bail out upon SIGKILL when allocating memory. Date: Sun, 6 Oct 2019 19:21:51 +0200 Message-Id: <20191006171204.889444159@linuxfoundation.org> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20191006171124.641144086@linuxfoundation.org> References: <20191006171124.641144086@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Tetsuo Handa commit 7c3a6aedcd6aae0a32a527e68669f7dd667492d1 upstream. syzbot found that a thread can stall for minutes inside kexec_load() after that thread was killed by SIGKILL [1]. It turned out that the reproducer was trying to allocate 2408MB of memory using kimage_alloc_page() from kimage_load_normal_segment(). Let's check for SIGKILL before doing memory allocation. [1] https://syzkaller.appspot.com/bug?id=a0e3436829698d5824231251fad9d8e998f94f5e Link: http://lkml.kernel.org/r/993c9185-d324-2640-d061-bed2dd18b1f7@I-love.SAKURA.ne.jp Signed-off-by: Tetsuo Handa Reported-by: syzbot Cc: Eric Biederman Reviewed-by: Andrew Morton Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds Signed-off-by: Greg Kroah-Hartman --- kernel/kexec_core.c | 2 ++ 1 file changed, 2 insertions(+) --- a/kernel/kexec_core.c +++ b/kernel/kexec_core.c @@ -301,6 +301,8 @@ static struct page *kimage_alloc_pages(g { struct page *pages; + if (fatal_signal_pending(current)) + return NULL; pages = alloc_pages(gfp_mask & ~__GFP_ZERO, order); if (pages) { unsigned int count, i;