lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Sun, 25 Mar 2007 23:22:15 +0530
From:	Balbir Singh <balbir@...ibm.com>
To:	vatsa@...ibm.com
CC:	pj@....com, akpm@...ux-foundation.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] Fix race between attach_task and cpuset_exit

Hi, Vatsa,

Srivatsa Vaddagiri wrote:
> 
> diff -puN kernel/cpuset.c~cpuset_race_fix kernel/cpuset.c
> --- linux-2.6.21-rc4/kernel/cpuset.c~cpuset_race_fix	2007-03-25 21:08:27.000000000 +0530
> +++ linux-2.6.21-rc4-vatsa/kernel/cpuset.c	2007-03-25 21:25:05.000000000 +0530
> @@ -1182,6 +1182,7 @@ static int attach_task(struct cpuset *cs
>  	pid_t pid;
>  	struct task_struct *tsk;
>  	struct cpuset *oldcs;
> +	struct cpuset *oldcs_tobe_released = NULL;

How about oldcs_to_be_released?

>  	cpumask_t cpus;
>  	nodemask_t from, to;
>  	struct mm_struct *mm;
> @@ -1237,6 +1238,8 @@ static int attach_task(struct cpuset *cs
>  	}
>  	atomic_inc(&cs->count);
>  	rcu_assign_pointer(tsk->cpuset, cs);
> +	if (atomic_dec_and_test(&oldcs->count))
> +		oldcs_tobe_released = oldcs;
>  	task_unlock(tsk);
> 
>  	guarantee_online_cpus(cs, &cpus);
> @@ -1257,8 +1260,8 @@ static int attach_task(struct cpuset *cs
> 
>  	put_task_struct(tsk);
>  	synchronize_rcu();
> -	if (atomic_dec_and_test(&oldcs->count))
> -		check_for_release(oldcs, ppathbuf);
> +	if (oldcs_tobe_released)
> +		check_for_release(oldcs_tobe_released, ppathbuf);
>  	return 0;
>  }
> 
> @@ -2200,10 +2203,6 @@ void cpuset_fork(struct task_struct *chi
>   * it is holding that mutex while calling check_for_release(),
>   * which calls kmalloc(), so can't be called holding callback_mutex().
>   *
> - * We don't need to task_lock() this reference to tsk->cpuset,
> - * because tsk is already marked PF_EXITING, so attach_task() won't
> - * mess with it, or task is a failed fork, never visible to attach_task.
> - *
>   * the_top_cpuset_hack:
>   *
>   *    Set the exiting tasks cpuset to the root cpuset (top_cpuset).
> @@ -2242,19 +2241,20 @@ void cpuset_exit(struct task_struct *tsk
>  {
>  	struct cpuset *cs;
> 
> +	task_lock(tsk);
>  	cs = tsk->cpuset;
>  	tsk->cpuset = &top_cpuset;	/* the_top_cpuset_hack - see above */
> +	atomic_dec(&cs->count);

How about using a local variable like ref_count and using

ref_count = atomic_dec_and_test(&cs->count); This will avoid the two
atomic operations, atomic_dec() and atomic_read() below.

> +	task_unlock(tsk);
> 
>  	if (notify_on_release(cs)) {
>  		char *pathbuf = NULL;
> 
>  		mutex_lock(&manage_mutex);
> -		if (atomic_dec_and_test(&cs->count))
> +		if (!atomic_read(&cs->count))

if (ref_count == 0)

>  			check_for_release(cs, &pathbuf);
>  		mutex_unlock(&manage_mutex);
>  		cpuset_release_agent(pathbuf);
> -	} else {
> -		atomic_dec(&cs->count);
>  	}
>  }
> 

-- 
	Warm Regards,
	Balbir Singh
	Linux Technology Center
	IBM, ISTL
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists