Recursive function causes DoS in tpe-lkm

I’ve discovered my first denial-of-service bug in the linux kernel. I’m a bit teary eyed, not because the bug was in my own code, but it marks the first bug I’ve found in linux kernel code.

Not worth of a CVE or anything, because I still haven’t declared the code stable, and I don’t imagine many people use this thing just yet. But in the interest of full disclosure, here is information about the bug.

It’s caused by a recursive function when reporting denied executions, parent_task_walk(). You can view the code here:

Launch enough shells on top of each other, and then try to execute something in an un-trusted path, and BAM! You’ve just crashed the machine.

Recursive function in the linux kernel? What was I thinking? I wasn’t, actually, as my main goal with the project initially was proof-of-concept. Now that I’m actually using the thing in ad-hoc production environments, it’s time I search the code for problems. Well, I found one!

Since it’s late and I’m not going to fix it tonight, I opted to ask for what the best approach would be on stack overflow:

I’ll have a fix pushed out some time this week. It’ll be your thanksgiving present.

One thought on “Recursive function causes DoS in tpe-lkm”

Leave a Reply

Your email address will not be published. Required fields are marked *