Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

More flexibility regarding which system calls are intercepted by Hijack #201

Open
Rondom opened this issue Aug 12, 2016 · 3 comments
Open

More flexibility regarding which system calls are intercepted by Hijack #201

Rondom opened this issue Aug 12, 2016 · 3 comments

Comments

@Rondom
Copy link

Rondom commented Aug 12, 2016
edited
Loading

From what I can see only a very limited number of system calls is actually intercepted by lkl-hijack.

I am wondering what speaks against widening the number of system calls supported. What would be the pros and cons? Would it interfere with some use cases where people still need programs to access some parts of their host system?

EDIT: I see that rump-hijack has more flexibility regarding which syscalls are intercepted. I edited the issue title to reflect that we should have this flexibility as well :-)
@Rondom Rondom changed the title Increase the number of system calls intercepted by Hijack More flexibility regarding which system calls are intercepted by Hijack Aug 12, 2016
@Rondom
Copy link
Author

Rondom commented Aug 12, 2016

rump-hijack manpage describing some additional features useful for LKL as well

@ghost
Copy link

ghost commented Aug 12, 2016

Yes, interference is the main issue. Think about all the filesystem calls needed to read various files from the host system (e.g. /etc/ld.so.cache), mmap to map host libraries, etc.

Do you have specific system calls you need supported?

@thehajime
Copy link
Member

I am mostly thinking that it's impossible to support all system calls with a hijack library due to various limitations of hijacking. it's a magic indeed but not panacea in my experience. and if we want more LKL syscalls supported, we may need something different as I'm (and a rump guy is) attempting with https://github.com/libos-nuse/frankenlibc (and coupling musl-libc etc).

but you're right @Rondom, librumphijack is much flexible right now and we can improve as they did. Especially specifying the scope of hijack is a good way. I'm even thinking to share/reuse their code (i.e., librumphijack) in LKL but not tried it yet.

@ghost ghost mentioned this issue Aug 19, 2016
Closed
thehajime pushed a commit to libos-nuse/lkl-linux that referenced this issue Feb 23, 2017
@kiryl @torvalds
shmem: fix sleeping from atomic context
253fd0f 
Syzkaller fuzzer managed to trigger this:

    BUG: sleeping function called from invalid context at mm/shmem.c:852
    in_atomic(): 1, irqs_disabled(): 0, pid: 529, name: khugepaged
    3 locks held by khugepaged/529:
     #0:  (shrinker_rwsem){++++..}, at: [<ffffffff818d7ef1>] shrink_slab.part.59+0x121/0xd30 mm/vmscan.c:451
     #1:  (&type->s_umount_key#29){++++..}, at: [<ffffffff81a63630>] trylock_super+0x20/0x100 fs/super.c:392
     #2:  (&(&sbinfo->shrinklist_lock)->rlock){+.+.-.}, at: [<ffffffff818fd83e>] spin_lock include/linux/spinlock.h:302 [inline]
     #2:  (&(&sbinfo->shrinklist_lock)->rlock){+.+.-.}, at: [<ffffffff818fd83e>] shmem_unused_huge_shrink+0x28e/0x1490 mm/shmem.c:427
    CPU: 2 PID: 529 Comm: khugepaged Not tainted 4.10.0-rc5+ lkl#201
    Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
    Call Trace:
       shmem_undo_range+0xb20/0x2710 mm/shmem.c:852
       shmem_truncate_range+0x27/0xa0 mm/shmem.c:939
       shmem_evict_inode+0x35f/0xca0 mm/shmem.c:1030
       evict+0x46e/0x980 fs/inode.c:553
       iput_final fs/inode.c:1515 [inline]
       iput+0x589/0xb20 fs/inode.c:1542
       shmem_unused_huge_shrink+0xbad/0x1490 mm/shmem.c:446
       shmem_unused_huge_scan+0x10c/0x170 mm/shmem.c:512
       super_cache_scan+0x376/0x450 fs/super.c:106
       do_shrink_slab mm/vmscan.c:378 [inline]
       shrink_slab.part.59+0x543/0xd30 mm/vmscan.c:481
       shrink_slab mm/vmscan.c:2592 [inline]
       shrink_node+0x2c7/0x870 mm/vmscan.c:2592
       shrink_zones mm/vmscan.c:2734 [inline]
       do_try_to_free_pages+0x369/0xc80 mm/vmscan.c:2776
       try_to_free_pages+0x3c6/0x900 mm/vmscan.c:2982
       __perform_reclaim mm/page_alloc.c:3301 [inline]
       __alloc_pages_direct_reclaim mm/page_alloc.c:3322 [inline]
       __alloc_pages_slowpath+0xa24/0x1c30 mm/page_alloc.c:3683
       __alloc_pages_nodemask+0x544/0xae0 mm/page_alloc.c:3848
       __alloc_pages include/linux/gfp.h:426 [inline]
       __alloc_pages_node include/linux/gfp.h:439 [inline]
       khugepaged_alloc_page+0xc2/0x1b0 mm/khugepaged.c:750
       collapse_huge_page+0x182/0x1fe0 mm/khugepaged.c:955
       khugepaged_scan_pmd+0xfdf/0x12a0 mm/khugepaged.c:1208
       khugepaged_scan_mm_slot mm/khugepaged.c:1727 [inline]
       khugepaged_do_scan mm/khugepaged.c:1808 [inline]
       khugepaged+0xe9b/0x1590 mm/khugepaged.c:1853
       kthread+0x326/0x3f0 kernel/kthread.c:227
       ret_from_fork+0x31/0x40 arch/x86/entry/entry_64.S:430

The iput() from atomic context was a bad idea: if after igrab() somebody
else calls iput() and we left with the last inode reference, our iput()
would lead to inode eviction and therefore sleeping.

This patch should fix the situation.

Link: http://lkml.kernel.org/r/20170131093141.GA15899@node.shutemov.name
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Rondom @thehajime