Possible bug in call_usermodehelper

From: NITU Vlad
Date: Mon Dec 14 2015 - 07:23:33 EST

Next message: Sergey Senozhatsky: "[PATCH] zram: drop partial_io handling"
Previous message: Geert Uytterhoeven: "Re: [PATCH tip/core/rcu 8/9] arm: Use common outgoing-CPU-notification code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello all,

I'm trying to execute a user-space binary from a IRQ context so I started form this module which execute the reboot command. If I adapt this code to execute command with parameters I see that it silently fail. I specify that I use 3.12.47 kernel version. When I started digging into the kernel I figured out that __call_usermodehelper(struct work_struct *work) try to retrieve back the subprocess_info structure using

struct subprocess_info *sub_info = container_of(work, struct subprocess_info, work);

I think that there is a problem with this retrieving because sub_info->argv now contains weird values:

argv and envp in my module:

argv[0] = "/usr/local/sbin/xl";
argv[1] = "migrate";
argv[2] = "ubuntu";
argv[3] = "192.168.0.230";
envp[0] = "HOME=/";
envp[1] = "PWD=/";
envp[2] = "PATH=/usr/local/sbin/xl";
envp[3] = NULL;

argv and envp in __call_usermodehelper

argv[0] = \xffffff90\xffffff9e.\x02\x02\xffffff88\xffffffff\xffffffff\xffffff90\xffffff9e.\x02\x02\xffffff88\xffffffff\xffffffff\xffffff80\xffffffbc\n\t"\x02\xffffff88\xffffffff\xffffffff
the others have similar values to argv[0]

Best regards,
Nitu Vlad-Tiberiu

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Sergey Senozhatsky: "[PATCH] zram: drop partial_io handling"
Previous message: Geert Uytterhoeven: "Re: [PATCH tip/core/rcu 8/9] arm: Use common outgoing-CPU-notification code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]