Re: [PATCH] kexec: Bail out upon SIGKILL when allocating memory.

From: Tetsuo Handa
Date: Mon Jul 01 2019 - 06:52:24 EST


Andrew, can you pick up this patch? We might miss next merge window, for
Eric Biederman seems to be offline for two weeks.

On 2019/06/14 19:16, Tetsuo Handa wrote:
> syzbot found that a thread can stall for minutes inside kexec_load() after
> that thread was killed by SIGKILL [1]. It turned out that the reproducer
> was trying to allocate 2408MB of memory using kimage_alloc_page() from
> kimage_load_normal_segment(). Let's check for SIGKILL before doing memory
> allocation.
>
> [1] https://syzkaller.appspot.com/bug?id=a0e3436829698d5824231251fad9d8e998f94f5e
>
> Signed-off-by: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>
> Reported-by: syzbot <syzbot+8ab2d0f39fb79fe6ca40@xxxxxxxxxxxxxxxxxxxxxxxxx>
> ---
> kernel/kexec_core.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/kernel/kexec_core.c b/kernel/kexec_core.c
> index fd5c95f..2b25d95 100644
> --- a/kernel/kexec_core.c
> +++ b/kernel/kexec_core.c
> @@ -302,6 +302,8 @@ static struct page *kimage_alloc_pages(gfp_t gfp_mask, unsigned int order)
> {
> struct page *pages;
>
> + if (fatal_signal_pending(current))
> + return NULL;
> pages = alloc_pages(gfp_mask & ~__GFP_ZERO, order);
> if (pages) {
> unsigned int count, i;
>