lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 12 Dec 2017 09:01:10 -0800
From:   Tejun Heo <tj@...nel.org>
To:     "jianchao.wang" <jianchao.w.wang@...cle.com>
Cc:     axboe@...nel.dk, linux-kernel@...r.kernel.org, oleg@...hat.com,
        peterz@...radead.org, kernel-team@...com, osandov@...com
Subject: Re: [PATCH 6/6] blk-mq: remove REQ_ATOM_STARTED

Hello, Jianchao.

On Tue, Dec 12, 2017 at 06:09:32PM +0800, jianchao.wang wrote:
> > @@ -786,18 +779,6 @@ static void blk_mq_rq_timed_out(struct request *req, bool reserved)
> >  	const struct blk_mq_ops *ops = req->q->mq_ops;
> >  	enum blk_eh_timer_return ret = BLK_EH_RESET_TIMER;
> >  
> > -	/*
> > -	 * We know that complete is set at this point. If STARTED isn't set
> > -	 * anymore, then the request isn't active and the "timeout" should
> > -	 * just be ignored. This can happen due to the bitflag ordering.
> > -	 * Timeout first checks if STARTED is set, and if it is, assumes
> > -	 * the request is active. But if we race with completion, then
> > -	 * both flags will get cleared. So check here again, and ignore
> > -	 * a timeout event with a request that isn't active.
> > -	 */
> > -	if (!test_bit(REQ_ATOM_STARTED, &req->atomic_flags))
> > -		return;
> > -
> >  	if (ops->timeout)
> >  		ret = ops->timeout(req, reserved);
>
> The BLK_EH_RESET_TIMER case has not been covered here. In that case,
> the timer will be re-armed, but the gstate and aborted_gstate are
> not updated and still equal with echo other.  Consequently, when the
> request is completed later, the __blk_mq_complete_request() will be
> missed, then the request will expire again. The aborted_gstate
> should be updated in the BLK_EH_RESET_TIMER case.

You're right.  This is inherently racy tho.  Nothing prevented the
command from completing before complete was cleared.  I'll just clear
aborted_gstate which should behave the same way.

Thanks.

-- 
tejun

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ