lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 15 Jul 2019 15:33:11 +0200 From: Dmitry Vyukov <dvyukov@...gle.com> To: Peter Zijlstra <peterz@...radead.org> Cc: "Paul E. McKenney" <paulmck@...ux.ibm.com>, "Theodore Ts'o" <tytso@....edu>, syzbot <syzbot+4bfbbf28a2e50ab07368@...kaller.appspotmail.com>, Andreas Dilger <adilger.kernel@...ger.ca>, David Miller <davem@...emloft.net>, eladr@...lanox.com, Ido Schimmel <idosch@...lanox.com>, Jiri Pirko <jiri@...lanox.com>, John Stultz <john.stultz@...aro.org>, linux-ext4@...r.kernel.org, LKML <linux-kernel@...r.kernel.org>, netdev <netdev@...r.kernel.org>, syzkaller-bugs <syzkaller-bugs@...glegroups.com>, Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...nel.org> Subject: Re: INFO: rcu detected stall in ext4_write_checks On Mon, Jul 15, 2019 at 3:29 PM Peter Zijlstra <peterz@...radead.org> wrote: > > On Sun, Jul 14, 2019 at 11:49:15AM -0700, Paul E. McKenney wrote: > > On Sun, Jul 14, 2019 at 05:48:00PM +0300, Dmitry Vyukov wrote: > > > But short term I don't see any other solution than stop testing > > > sched_setattr because it does not check arguments enough to prevent > > > system misbehavior. Which is a pity because syzkaller has found some > > > bad misconfigurations that were oversight on checking side. > > > Any other suggestions? > > > > Keep the times down to a few seconds? Of course, that might also > > fail to find interesting bugs. > > Right, if syzcaller can put a limit on the period/deadline parameters > (and make sure to not write "-1" to > /proc/sys/kernel/sched_rt_runtime_us) then per the in-kernel > access-control should not allow these things to happen. Since we are racing with emails, could you suggest a 100% safe parameters? Because I only hear people saying "safe", "sane", "well-behaving" :) If we move the check to user-space, it does not mean that we can get away without actually defining what that means. Now thinking of this, if we come up with some simple criteria, could we have something like a sysctl that would allow only really "safe" parameters?
Powered by blists - more mailing lists