lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Wed, 18 May 2011 10:02:44 +0900
From:	KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>
To:	john.stultz@...aro.org
CC:	mingo@...e.hu, linux-kernel@...r.kernel.org, joe@...ches.com,
	mina86@...a86.com, apw@...onical.com, jirislaby@...il.com,
	rientjes@...gle.com, dave@...ux.vnet.ibm.com,
	akpm@...ux-foundation.org, linux-mm@...ck.org,
	a.p.zijlstra@...llo.nl
Subject: Re: [PATCH 1/3] comm: Introduce comm_lock spinlock to protect task->comm
 access

(2011/05/18 7:27), John Stultz wrote:
> On Tue, 2011-05-17 at 23:27 +0200, Ingo Molnar wrote:
>> * John Stultz<john.stultz@...aro.org>  wrote:
>>
>>> The implicit rules for current->comm access being safe without locking are no
>>> longer true. Accessing current->comm without holding the task lock may result
>>> in null or incomplete strings (however, access won't run off the end of the
>>> string).
>>
>> This is rather unfortunate - task->comm is used in a number of performance
>> critical codepaths such as tracing.

Right.


>> Why does this matter so much? A NULL string is not a big deal.
>
> I'll defer to KOSAKI Motohiro and David on this bit. :)

Heh, I did ask you current locking rule of task->comm after you introduced
writable /proc/<pid>/comm.


>> Note, since task->comm is 16 bytes there's the CMPXCHG16B instruction on x86
>> which could be used to update it atomically, should atomicity really be
>> desired.
>
> Could we use this where cmpxchg16b is available and fall back to locking
> if not? Or does that put too much of a penalty on arches that don't have
> cmpxchg16b support?
>
> Alternatively, we can have locked accessors that are safe in the
> majority of slow-path warning printks, and provide unlocked accessors
> for cases where the performance is critical and the code can properly
> handle possibly incomplete comms.

Probably, this is safer choice.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ