[PATCH] Ratelimit printks due to unhandled signals in x86_64

Sat, 09 Jun 2007 11:40:59 -0700 

Hello, 
The following patch enables ratelimiting of unhandled signals in x86_64.
Without this, a malicious user could inflict local DoS and fill up the
logs with a code like this:

main()
{
        while(1)
                if (!fork())
                        *(int *)0 = 0;
}

The patch is against 2.6.16.y tree. I've sent a similar one to Andrew
for inclusion in the -mm tree.
cheers,
Masoud

Signed-off-by: Masoud Sharbiani <[EMAIL PROTECTED]>

diff --git a/arch/x86_64/kernel/signal.c b/arch/x86_64/kernel/signal.c
index 5876df1..4b3cd29 100644
--- a/arch/x86_64/kernel/signal.c
+++ b/arch/x86_64/kernel/signal.c
@@ -505,7 +505,7 @@ void do_notify_resume(struct pt_regs *regs, sigset_t 
*oldset, __u32 thread_info_
 void signal_fault(struct pt_regs *regs, void __user *frame, char *where)
 { 
        struct task_struct *me = current; 
-       if (exception_trace)
+       if (exception_trace && printk_ratelimit())
                printk("%s[%d] bad frame in %s frame:%p rip:%lx rsp:%lx 
orax:%lx\n",
               
me->comm,me->pid,where,frame,regs->rip,regs->rsp,regs->orig_rax); 
 
diff --git a/arch/x86_64/kernel/traps.c b/arch/x86_64/kernel/traps.c
index a5209fd..4f22aaa 100644
--- a/arch/x86_64/kernel/traps.c
+++ b/arch/x86_64/kernel/traps.c
@@ -480,7 +480,8 @@ static void __kprobes do_trap(int trapnr, int signr, char 
*str,
        tsk->thread.trap_no = trapnr;
 
        if (user_mode(regs)) {
-               if (exception_trace && unhandled_signal(tsk, signr))
+               if (exception_trace && unhandled_signal(tsk, signr) && 
+                   printk_ratelimit())
                        printk(KERN_INFO
                               "%s[%d] trap %s rip:%lx rsp:%lx error:%lx\n",
                               tsk->comm, tsk->pid, str,
diff --git a/arch/x86_64/mm/fault.c b/arch/x86_64/mm/fault.c
index 2e7c3c8..92f6448 100644
--- a/arch/x86_64/mm/fault.c
+++ b/arch/x86_64/mm/fault.c
@@ -475,7 +475,8 @@ bad_area_nosemaphore:
                    (address >> 32))
                        return;
 
-               if (exception_trace && unhandled_signal(tsk, SIGSEGV)) {
+               if (exception_trace && unhandled_signal(tsk, SIGSEGV) &&
+                   printk_ratelimit()) {
                        printk(
                       "%s%s[%d]: segfault at %016lx rip %016lx rsp %016lx 
error %lx\n",
                                        tsk->pid > 1 ? KERN_INFO : KERN_EMERG,
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Reply via email to