[PATCH] Ratelimit printks due to unhandled signals in x86_64

Hello, 
The following patch enables ratelimiting of unhandled signals in x86_64.
Without this, a malicious user could inflict local DoS and fill up the
logs with a code like this:

main()
{
	while(1)
		if (!fork())
			*(int *)0 = 0;
}

The patch is against 2.6.16.y tree. I've sent a similar one to Andrew
for inclusion in the -mm tree.
cheers,
Masoud

Signed-off-by: Masoud Sharbiani <[email protected]>

diff --git a/arch/x86_64/kernel/signal.c b/arch/x86_64/kernel/signal.c
index 5876df1..4b3cd29 100644
--- a/arch/x86_64/kernel/signal.c
+++ b/arch/x86_64/kernel/signal.c
@@ -505,7 +505,7 @@ void do_notify_resume(struct pt_regs *regs, sigset_t *oldset, __u32 thread_info_
 void signal_fault(struct pt_regs *regs, void __user *frame, char *where)
 { 
 	struct task_struct *me = current; 
-	if (exception_trace)
+	if (exception_trace && printk_ratelimit())
 		printk("%s[%d] bad frame in %s frame:%p rip:%lx rsp:%lx orax:%lx\n",
 	       me->comm,me->pid,where,frame,regs->rip,regs->rsp,regs->orig_rax); 
 
diff --git a/arch/x86_64/kernel/traps.c b/arch/x86_64/kernel/traps.c
index a5209fd..4f22aaa 100644
--- a/arch/x86_64/kernel/traps.c
+++ b/arch/x86_64/kernel/traps.c
@@ -480,7 +480,8 @@ static void __kprobes do_trap(int trapnr, int signr, char *str,
 	tsk->thread.trap_no = trapnr;
 
 	if (user_mode(regs)) {
-		if (exception_trace && unhandled_signal(tsk, signr))
+		if (exception_trace && unhandled_signal(tsk, signr) && 
+		    printk_ratelimit())
 			printk(KERN_INFO
 			       "%s[%d] trap %s rip:%lx rsp:%lx error:%lx\n",
 			       tsk->comm, tsk->pid, str,
diff --git a/arch/x86_64/mm/fault.c b/arch/x86_64/mm/fault.c
index 2e7c3c8..92f6448 100644
--- a/arch/x86_64/mm/fault.c
+++ b/arch/x86_64/mm/fault.c
@@ -475,7 +475,8 @@ bad_area_nosemaphore:
 		    (address >> 32))
 			return;
 
-		if (exception_trace && unhandled_signal(tsk, SIGSEGV)) {
+		if (exception_trace && unhandled_signal(tsk, SIGSEGV) &&
+		    printk_ratelimit()) {
 			printk(
 		       "%s%s[%d]: segfault at %016lx rip %016lx rsp %016lx error %lx\n",
 					tsk->pid > 1 ? KERN_INFO : KERN_EMERG,
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• Prev by Date: Re: [AppArmor 39/45] AppArmor: Profile loading and manipulation,pathname matching
• Next by Date: Re: Size of kernel modules
• Previous by thread: Re: [2/2] 2.6.22-rc4: known regressions with patches v2
• Next by thread: [PATCH] Remove bashisms from scripts/extract-ikconfig
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]