In the Linux kernel, a vulnerability involving the s390 interrupt entry code and stack depot warnings has recently been patched. The issue is a flaw in how stack traces are filtered and de-duplicated at the top interrupt context. The vulnerability has been resolved with the following commit:

s390/entry: Mark IRQ entries to fix stack depot warnings

This update improves stack depot filtering by marking specific functions as belonging to the .irqentry.text and .softirqentry.text sections, so that stack traces are filtered correctly and the stack depot performs better overall.

The problem was noticed when stack depot warnings similar to the following were observed:

Stack depot reached limit capacity
WARNING: CPU:  PID: 286113 at lib/stackdepot.c:252 depot_alloc_stack+0x39a/0x3c8

These warnings often occurred when PREEMPT and KASAN were enabled. To address this, developers have moved the IO/EXT interrupt handlers from the .kprobes.text section to the .irqentry.text section. Moreover, the kprobes blacklist has been updated to include the new .irqentry.text section. The .irqentry.text section is now populated as needed, making the process more efficient.

Note that this change applies only to asynchronous interrupts and not to program checks or machine checks, whose context is preserved. Additionally, if Service Calls (SVCs) and Restart Interrupts are not relevant, the filtering will still occur.

Lastly, the same filtering logic has also been added to the ftrace function graph tracer, further improving performance and resource usage in specific cases.
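
The effect of the marking, as an added example: a user-space model written for this page, not kernel code and not part of the commit. It cuts each trace at the first frame inside an IRQ entry section and counts how many distinct records a depot would store; the section bounds, frame addresses, FNV-1a key and the names filter_irq_frames and depot_records are constructed assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#define IRQENTRY_START 0x1000UL /* constructed bounds of .irqentry.text */
#define IRQENTRY_END   0x2000UL
#define SOFTIRQ_START  0x2000UL /* constructed bounds of .softirqentry.text */
#define SOFTIRQ_END    0x3000UL
#define NTRACES        4        /* interrupts, each from a different context */

static bool in_irqentry_text(unsigned long ip)
{
    return (ip >= IRQENTRY_START && ip < IRQENTRY_END) ||
           (ip >= SOFTIRQ_START && ip < SOFTIRQ_END);
}

/* Keep frames (innermost first) up to and including the first IRQ entry. */
static unsigned int filter_irq_frames(const unsigned long *e, unsigned int n)
{
    for (unsigned int i = 0; i < n; i++)
        if (in_irqentry_text(e[i]))
            return i + 1;
    return n; /* no marked entry: the interrupted context stays in the trace */
}

/* Distinct records stored when the entry handler sits at handler_ip. */
unsigned int depot_records(unsigned long handler_ip)
{
    uint64_t keys[NTRACES];
    unsigned int distinct = 0;
    for (unsigned long t = 0; t < NTRACES; t++) {
        /* allocation site, IRQ work, entry handler, interrupted code */
        unsigned long trace[] = { 0x9000, 0x9100, handler_ip, 0x7000 + t };
        unsigned int kept = filter_irq_frames(trace, 4), seen = 0;
        uint64_t h = 1469598103934665603ULL; /* FNV-1a over kept frames */
        for (unsigned int i = 0; i < kept; i++)
            h = (h ^ trace[i]) * 1099511628211ULL;
        for (unsigned int k = 0; k < distinct; k++)
            seen |= (keys[k] == h);
        if (!seen)
            keys[distinct++] = h;
    }
    return distinct;
}

int main(void)
{
    printf("unmarked: %u, marked: %u\n", depot_records(0x5000), depot_records(0x1100));
    return 0;
}
```

With the handler outside the marked sections every interrupted context produces a new record, which is the growth behind the "limit capacity" warning; once the handler address falls inside a marked section, all four traces collapse into one record.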

With these updates, Linux kernel developers have significantly increased stack depot performance by resolving the underlying vulnerability. This helps to prevent possible issues that stem from warnings and inefficient filtering of stack traces. For additional details and to access the full fix, please refer to the commit on git.kernel.org.

Timeline

Published on: 01/11/2025 14:15:25 UTC
Last modified on: 01/20/2025 06:28:28 UTC