I noticed that the system deadlocks if do_execve() request by kmod() triggered
recursive do_execve() request.
An example operation for triggering this deadlock:
# : > /tmp/dummy
# chmod 755 /tmp/dummy
# echo /tmp/dummy > /proc/sys/kernel/hotplug
# modprobe whatever
Although this patch works for me, I'm not sure that this is a correct fix.
Also, my analysis in the patch description may be wrong. Please check.
--------------------
[PATCH] kmod: Avoid deadlock by recursive kmod call.
call_usermodehelper(UMH_WAIT_EXEC) creates a CLONE_VFORK'ed thread.
The vforked thread may call call_usermodehelper(UMH_WAIT_PROC) from
search_binary_handler() which in turn calls wait_for_completion().
This sequence results in a deadlock because "khelper cannot start processing
call_usermodehelper(UMH_WAIT_PROC) until do_execve() of vforked thread by
call_usermodehelper(UMH_WAIT_EXEC) completes" but "vforked thread cannot
complete do_execve() until call_usermodehelper(UMH_WAIT_PROC) completes".
We need to make sure that do_execve() request by vforked thread does not
trigger call_usermodehelper(UMH_WAIT_PROC or UMH_WAIT_EXEC).
Signed-off-by: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>
---
kernel/kmod.c | 9 +++++++++
1 files changed, 9 insertions(+)
--- linux-3.1.7.orig/kernel/kmod.c
+++ linux-3.1.7/kernel/kmod.c
@@ -428,6 +428,15 @@ int call_usermodehelper_exec(struct subp
retval = -EBUSY;
goto out;
}
+ /*
+ * We can't call wait_for_completion() if current thread was created
+ * with CLONE_VFORK flag, or we will deadlock when current thread calls
+ * request_module() from search_binary_handler().
+ */
+ if (wait != UMH_NO_WAIT && current->vfork_done) {
+ retval = -EBUSY;
+ goto out;
+ }
sub_info->complete = &done;
sub_info->wait = wait;
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
