Date:	Tue, 30 Jun 2009 08:09:08 -0400
From:	Gregory Haskins <ghaskins@...ell.com>
To:	"Michael S. Tsirkin" <mst@...hat.com>
CC:	steve@...gwyn.com, Steven Whitehouse <swhiteho@...hat.com>,
	linux-kernel@...r.kernel.org, dhowells@...hat.com
Subject: Re: [PATCH v4] slow-work: add (module*)work->ops->owner to fix races with module clients

Michael S. Tsirkin wrote:
> On Tue, Jun 30, 2009 at 10:18:32AM +0100, steve@...gwyn.com wrote:
>   
>> Hi,
>>
>> On Tue, Jun 30, 2009 at 12:07:15PM +0300, Michael S. Tsirkin wrote:
>>     
>>> On Tue, Jun 30, 2009 at 09:43:03AM +0100, Steven Whitehouse wrote:
>>>       
>>>> Hi,
>>>>
>>>> I'm happy to ACK this, but the race doesn't exist in GFS2's case because
>>>> we wait for all work related to each GFS2 fs at umount time and the
>>>> module unload cannot happen until all GFS2 fs are umounted.
>>>>
>>>> Steve.
>>>>         
>>> I wonder whether the following holds:
>>>
>>> static void gfs2_recover_put_ref(struct slow_work *work)
>>> {
>>>         struct gfs2_jdesc *jd = container_of(work, struct gfs2_jdesc, jd_work);
>>>         clear_bit(JDF_RECOVERY, &jd->jd_flags);
>>>         smp_mb__after_clear_bit();
>>>         wake_up_bit(&jd->jd_flags, JDF_RECOVERY);
>>>
>>> <- umount can complete here?
>>>
>>> }
>>>
>>>
>>> If yes, .text of the module could go away between the point marked by <-
>>> and return from gfs2_recover_put_ref.
>>>
>>>
>>>       
>> Well in theory, yes. In reality I don't think it could ever happen.
>>     
>
> Right. IIUC, that's all Gregory's patch is trying to address: a
> theoretical race condition.
>
>   
Yeah, I never actually saw a crash.  I just noticed the hole via code
inspection.

Regards,
-Greg


Download attachment "signature.asc" of type "application/pgp-signature" (267 bytes)
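As an added illustration, not code from this thread or from the slow-work patch itself, here is a userspace model of the hole Michael points at (the callback wakes its waiter, then keeps executing from module .text) and of the fix the patch enables by recording ops->owner: the core pins the owning module around the callback. The module and work structs, the usleep() that widens the window, and all function names are stand-ins assumed for this model, not kernel API.

```c
/* Userspace model of the race discussed above.  Names mirror the kernel
 * API loosely; nothing here is kernel code. */
#include <pthread.h>
#include <stdatomic.h>
#include <stdbool.h>
#include <unistd.h>

struct module {                 /* stand-in for struct module */
    pthread_mutex_t lock;
    pthread_cond_t  cv;
    int  refcnt;                /* pinned by try_module_get()/module_put() */
    bool unloaded;              /* .text has been freed */
};

struct work {                   /* stand-in for slow_work + its ops */
    struct module  *owner;      /* the (module*)ops->owner the patch adds */
    pthread_mutex_t lock;
    pthread_cond_t  cv;
    bool            done;       /* JDF_RECOVERY cleared */
    atomic_bool     returned;   /* set by the callback's final instruction */
};

static bool try_module_get(struct module *m)
{
    pthread_mutex_lock(&m->lock);
    bool ok = !m->unloaded;
    if (ok)
        m->refcnt++;
    pthread_mutex_unlock(&m->lock);
    return ok;
}

static void module_put(struct module *m)
{
    pthread_mutex_lock(&m->lock);
    m->refcnt--;
    pthread_cond_broadcast(&m->cv);
    pthread_mutex_unlock(&m->lock);
}

/* rmmod: blocks while any reference is held, then frees .text */
static void module_unload(struct module *m)
{
    pthread_mutex_lock(&m->lock);
    while (m->refcnt > 0)
        pthread_cond_wait(&m->cv, &m->lock);
    m->unloaded = true;
    pthread_mutex_unlock(&m->lock);
}

/* Models gfs2_recover_put_ref(): clear the bit, wake the waiter, then keep
 * running before returning.  The usleep() widens the window marked
 * "<- umount can complete here?" so the race is reliably observable. */
static void put_ref(struct work *w)
{
    pthread_mutex_lock(&w->lock);
    w->done = true;                        /* clear_bit(JDF_RECOVERY) */
    pthread_cond_broadcast(&w->cv);        /* wake_up_bit() */
    pthread_mutex_unlock(&w->lock);
    usleep(100 * 1000);                    /* still executing module code */
    atomic_store(&w->returned, true);      /* the callback's return */
}

/* The slow-work core running the callback; pin_owner=true is what the
 * patch makes possible by knowing ops->owner. */
static void execute_work(struct work *w, bool pin_owner)
{
    if (pin_owner && !try_module_get(w->owner))
        return;                            /* owner already gone: skip it */
    put_ref(w);
    if (pin_owner)
        module_put(w->owner);
}

struct unloader_arg { struct work *w; bool saw_return; };

/* umount path: wait_on_bit(JDF_RECOVERY) completes, then the module unloads */
static void *unloader(void *p)
{
    struct unloader_arg *a = p;
    pthread_mutex_lock(&a->w->lock);
    while (!a->w->done)
        pthread_cond_wait(&a->w->cv, &a->w->lock);
    pthread_mutex_unlock(&a->w->lock);
    module_unload(a->w->owner);
    /* Had the callback already returned when .text went away? */
    a->saw_return = atomic_load(&a->w->returned);
    return NULL;
}

/* true  -> unload happened only after the callback returned (safe)
 * false -> .text was freed while the callback was still executing */
bool run_scenario(bool pin_owner)
{
    struct module m = { PTHREAD_MUTEX_INITIALIZER, PTHREAD_COND_INITIALIZER, 0, false };
    struct work w = { &m, PTHREAD_MUTEX_INITIALIZER, PTHREAD_COND_INITIALIZER, false, false };
    struct unloader_arg a = { &w, false };
    pthread_t t;

    pthread_create(&t, NULL, unloader, &a);
    execute_work(&w, pin_owner);
    pthread_join(t, NULL);
    return a.saw_return;
}
```

run_scenario(false) reproduces the window: the unloader wakes as soon as the bit is cleared and frees "the module" while put_ref() is still running. run_scenario(true) holds the owner reference across the call, so module_unload() blocks until the callback has returned. Note that GFS2's own argument in the thread (module unload cannot start until every fs is umounted) only helps if the umount itself cannot complete inside that window, which is exactly the point Michael's "<-" marker questions.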
