Patchwork [lucid/fsl-imx51,CVE,1/1] perf: Fix software event overflow

login
register
mail settings
Submitter Andy Whitcroft
Date Aug. 26, 2011, 8:59 a.m.
Message ID <1314349177-31003-2-git-send-email-apw@canonical.com>
Download mbox | patch
Permalink /patch/111726/
State New
Headers show

Comments

Andy Whitcroft - Aug. 26, 2011, 8:59 a.m.
The below patch is for -stable only, upstream has a much larger patch
that contains the below hunk in commit a8b0ca17b80e92faab46ee7179ba9e99ccb61233

Vince found that under certain circumstances software event overflows
go wrong and deadlock. Avoid trying to delete a timer from the timer
callback.

Reported-by: Vince Weaver <vweaver1@eecs.utk.edu>
Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

CVE-2011-2918
backported from commit 462fee3af72df0de7b60b96c525ffe8baf4db0f0 stable-3.0.y
Signed-off-by: Andy Whitcroft <apw@canonical.com>
---
 kernel/perf_counter.c |    8 ++------
 1 files changed, 2 insertions(+), 6 deletions(-)

Patch

diff --git a/kernel/perf_counter.c b/kernel/perf_counter.c
index 237fd07..8ec975a 100644
--- a/kernel/perf_counter.c
+++ b/kernel/perf_counter.c
@@ -3515,12 +3515,8 @@  int perf_counter_overflow(struct perf_counter *counter, int nmi,
 	if (events && atomic_dec_and_test(&counter->event_limit)) {
 		ret = 1;
 		counter->pending_kill = POLL_HUP;
-		if (nmi) {
-			counter->pending_disable = 1;
-			perf_pending_queue(&counter->pending,
-					   perf_pending_counter);
-		} else
-			perf_counter_disable(counter);
+		counter->pending_disable = 1;
+		perf_pending_queue(&counter->pending, perf_pending_counter);
 	}
 
 	perf_counter_output(counter, nmi, data);