[PATCH] kexec: Bail out upon SIGKILL when allocating memory.

Tetsuo Handa penguin-kernel at I-love.SAKURA.ne.jp
Tue Jul 23 06:22:55 PDT 2019


Andrew, can you pick up this patch? 

On 2019/07/01 19:52, Tetsuo Handa wrote:
> Andrew, can you pick up this patch? We might miss next merge window, for
> Eric Biederman seems to be offline for two weeks. 
> 
> On 2019/06/14 19:16, Tetsuo Handa wrote:
>> syzbot found that a thread can stall for minutes inside kexec_load() after
>> that thread was killed by SIGKILL [1]. It turned out that the reproducer
>> was trying to allocate 2408MB of memory using kimage_alloc_page() from
>> kimage_load_normal_segment(). Let's check for SIGKILL before doing memory
>> allocation.
>>
>> [1] https://syzkaller.appspot.com/bug?id=a0e3436829698d5824231251fad9d8e998f94f5e
>>
>> Signed-off-by: Tetsuo Handa <penguin-kernel at I-love.SAKURA.ne.jp>
>> Reported-by: syzbot <syzbot+8ab2d0f39fb79fe6ca40 at syzkaller.appspotmail.com>
>> ---
>>  kernel/kexec_core.c | 2 ++
>>  1 file changed, 2 insertions(+)
>>
>> diff --git a/kernel/kexec_core.c b/kernel/kexec_core.c
>> index fd5c95f..2b25d95 100644
>> --- a/kernel/kexec_core.c
>> +++ b/kernel/kexec_core.c
>> @@ -302,6 +302,8 @@ static struct page *kimage_alloc_pages(gfp_t gfp_mask, unsigned int order)
>>  {
>>  	struct page *pages;
>>  
>> +	if (fatal_signal_pending(current))
>> +		return NULL;
>>  	pages = alloc_pages(gfp_mask & ~__GFP_ZERO, order);
>>  	if (pages) {
>>  		unsigned int count, i;
>>
> 



More information about the kexec mailing list