linux/kernel
Alexei Starovoitov 8ebe667c41 bpf: rcu lock must not be held when calling copy_to_user()
BUG: sleeping function called from invalid context at mm/memory.c:3732
in_atomic(): 0, irqs_disabled(): 0, pid: 671, name: test_maps
1 lock held by test_maps/671:
 #0:  (rcu_read_lock){......}, at: [<0000000000264190>] map_lookup_elem+0xe8/0x260
Call Trace:
([<0000000000115b7e>] show_trace+0x12e/0x150)
 [<0000000000115c40>] show_stack+0xa0/0x100
 [<00000000009b163c>] dump_stack+0x74/0xc8
 [<000000000017424a>] ___might_sleep+0x23a/0x248
 [<00000000002b58e8>] might_fault+0x70/0xe8
 [<0000000000264230>] map_lookup_elem+0x188/0x260
 [<0000000000264716>] SyS_bpf+0x20e/0x840

Fix it by allocating temporary buffer to store map element value.

Fixes: db20fd2b01 ("bpf: add lookup/update/delete/iterate methods to BPF maps")
Reported-by: Michael Holzheu <holzheu@linux.vnet.ibm.com>
Signed-off-by: Alexei Starovoitov <ast@plumgrid.com>
Acked-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-01-26 17:20:40 -08:00
..
bpf bpf: rcu lock must not be held when calling copy_to_user() 2015-01-26 17:20:40 -08:00
configs
debug
events perf: Move task_pt_regs sampling into arch code 2015-01-09 11:12:28 +01:00
gcov gcov: enable GCOV_PROFILE_ALL from ARCH Kconfigs 2014-12-13 12:42:51 -08:00
irq genirq: Prevent proc race against freeing of irq descriptors 2014-12-13 13:33:07 +01:00
locking mutex: Always clear owner field upon mutex_unlock() 2015-01-09 11:20:39 +01:00
power PM: Eliminate CONFIG_PM_RUNTIME 2014-12-19 22:55:06 +01:00
printk This code is a fork from the trace-3.19 pull as it needed the trace_seq 2014-12-13 14:04:41 -08:00
rcu
sched sched/fair: Fix RCU stall upon -ENOMEM in sched_create_group() 2015-01-09 11:19:00 +01:00
time Merge branch 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2014-12-19 13:29:20 -08:00
trace This holds a few fixes to the ftrace infrastructure as well as 2015-01-17 07:55:52 +13:00
.gitignore
acct.c
async.c
audit_tree.c fsnotify: unify inode and mount marks handling 2014-12-13 12:42:53 -08:00
audit_watch.c
audit.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-12-30 10:45:47 -08:00
audit.h
auditfilter.c Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/audit 2014-12-23 18:13:16 -08:00
auditsc.c Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/audit 2014-12-31 14:52:18 -08:00
backtracetest.c
bounds.c
capability.c
cgroup_freezer.c
cgroup.c
compat.c
configs.c
context_tracking.c
cpu_pm.c
cpu.c
cpuset.c Merge branch 'for-3.19' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup 2014-12-11 18:57:19 -08:00
crash_dump.c
cred.c
delayacct.c
dma.c
elfcore.c
exec_domain.c
exit.c exit: fix race between wait_consider_task() and wait_task_zombie() 2015-01-08 15:10:51 -08:00
extable.c
fork.c mm: use new helper functions around the i_mmap_mutex 2014-12-13 12:42:45 -08:00
freezer.c
futex_compat.c
futex.c
groups.c userns: Don't allow setgroups until a gid mapping has been setablished 2014-12-09 16:58:40 -06:00
hung_task.c
irq_work.c
jump_label.c
kallsyms.c
kcmp.c
Kconfig.freezer
Kconfig.hz
Kconfig.locks
Kconfig.preempt
kexec.c kexec: remove unnecessary KERN_ERR from kexec.c 2014-12-13 12:42:51 -08:00
kmod.c usermodehelper: kill the kmod_thread_locker logic 2014-12-10 17:41:17 -08:00
kprobes.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux 2014-12-11 17:30:55 -08:00
ksysfs.c
kthread.c
latencytop.c
Makefile kernel: res_counter: remove the unused API 2014-12-10 17:41:04 -08:00
module_signing.c
module-internal.h
module.c The exciting thing here is the getting rid of stop_machine on module 2014-12-18 20:55:41 -08:00
notifier.c
nsproxy.c
padata.c
panic.c kernel: add panic_on_warn 2014-12-10 17:41:10 -08:00
params.c param: do not set store func without write perm 2014-12-18 12:38:51 +10:30
pid_namespace.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2014-12-16 15:53:03 -08:00
pid.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2014-12-16 15:53:03 -08:00
profile.c
ptrace.c exit: ptrace: shift "reap dead" code from exit_ptrace() to forget_original_parent() 2014-12-10 17:41:10 -08:00
range.c kernel: avoid overflow in cmp_range 2015-01-17 10:02:23 +13:00
reboot.c
relay.c
resource.c
seccomp.c
signal.c Merge branch 'x86-mpx-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2014-12-10 09:34:43 -08:00
smp.c
smpboot.c
smpboot.h
softirq.c
stacktrace.c stacktrace: introduce snprint_stack_trace for buffer output 2014-12-13 12:42:48 -08:00
stop_machine.c
sys_ni.c syscalls: implement execveat() system call 2014-12-13 12:42:51 -08:00
sys.c
sysctl_binary.c kernel: add panic_on_warn 2014-12-10 17:41:10 -08:00
sysctl.c As the merge window is still open, and this code was not as complex 2014-12-16 12:53:59 -08:00
system_certificates.S
system_keyring.c
task_work.c
taskstats.c
test_kprobes.c
torture.c
tracepoint.c
tsacct.c
uid16.c
up.c
user_namespace.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2014-12-17 12:31:40 -08:00
user-return-notifier.c
user.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2014-12-17 12:31:40 -08:00
utsname_sysctl.c
utsname.c
watchdog.c
workqueue_internal.h
workqueue.c