git.alex.org.uk - linux-flexiantxendom0-natty.git/commit

author	Frederic Weisbecker <fweisbec@gmail.com>
	Thu, 7 Apr 2011 14:53:20 +0000 (16:53 +0200)
committer	Steve Conklin <sconklin@canonical.com>
	Thu, 2 Jun 2011 19:23:20 +0000 (14:23 -0500)
commit	ae8431a68b609a59d725cf78bfe82afb52c4b443
tree	3c2d3e0c5f2b6504d3c8ba26d7906b560f4c7e73	tree \| snapshot
parent	c964d8426b1ab6d3be20fc98c1c20c2a50ece4af	commit \| diff

ptrace: Prepare to fix racy accesses on task breakpoints

BugLink: http://bugs.launchpad.net/bugs/788691

commit bf26c018490c2fce7fe9b629083b96ce0e6ad019 upstream.

When a task is traced and is in a stopped state, the tracer
may execute a ptrace request to examine the tracee state and
get its task struct. Right after, the tracee can be killed
and thus its breakpoints released.
This can happen concurrently when the tracer is in the middle
of reading or modifying these breakpoints, leading to dereferencing
a freed pointer.

Hence, to prepare the fix, create a generic breakpoint reference
holding API. When a reference on the breakpoints of a task is
held, the breakpoints won't be released until the last reference
is dropped. After that, no more ptrace request on the task's
breakpoints can be serviced for the tracer.

Reported-by: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Frederic Weisbecker <fweisbec@gmail.com>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Prasad <prasad@linux.vnet.ibm.com>
Cc: Paul Mundt <lethal@linux-sh.org>
Link: http://lkml.kernel.org/r/1302284067-7860-2-git-send-email-fweisbec@gmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Steve Conklin <sconklin@canonical.com>

include/linux/ptrace.h		diff \| blob \| history
include/linux/sched.h		diff \| blob \| history
kernel/exit.c		diff \| blob \| history
kernel/ptrace.c		diff \| blob \| history