lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 23 Apr 2007 16:37:33 +0530
From:	Vaidyanathan Srinivasan <svaidy@...ux.vnet.ibm.com>
To:	menage@...gle.com
CC:	akpm@...ux-foundation.org, sekharan@...ibm.com, dev@...ru,
	xemul@...ru, serue@...ibm.com, vatsa@...ibm.com,
	ebiederm@...ssion.com, ckrm-tech@...ts.sourceforge.net,
	linux-kernel@...r.kernel.org, containers@...ts.osdl.org,
	mbligh@...gle.com, rohitseth@...gle.com, devel@...nvz.org
Subject: Re: [PATCH 0/7] Containers (V8): Generic Process Containers

Hi Paul,

In [patch 3/7] Containers (V8): Add generic multi-subsystem API to
containers, you have forcefully enabled interrupt in
container_init_subsys() with spin_unlock_irq() which breaks on PPC64.


> +static void container_init_subsys(struct container_subsys *ss) {
> +	int retval;
> +	struct list_head *l;
> +	printk(KERN_ERR "Initializing container subsys %s\n",
> ss->name);
> +
> +	/* Create the top container state for this subsystem */
> +	ss->root = &rootnode;
> +	retval = ss->create(ss, dummytop);
> +	BUG_ON(retval);
> +	init_container_css(ss, dummytop);
> +
> +	/* Update all container groups to contain a subsys
> +	 * pointer to this state - since the subsystem is
> +	 * newly registered, all tasks and hence all container
> +	 * groups are in the subsystem's top container. */
> +	spin_lock_irq(&container_group_lock);
> +	l = &init_container_group.list;
> +	do {
> +		struct container_group *cg =
> +			list_entry(l, struct container_group, list);
> +		cg->subsys[ss->subsys_id] =
> dummytop->subsys[ss->subsys_id];
> +		l = l->next;
> +	} while (l != &init_container_group.list);
> +	spin_unlock_irq(&container_group_lock);

Interrupt gets enabled here and on PPC64, the kernel takes a pending
decrementer and crashes because it is too early to handle them.

Use of irqsave and restore routines would fix the problem.
I have included the fix along with minor Kconfig correction.

Also your 3/7 patch did not showup on LKML.

--Vaidy

> +
> +	need_forkexit_callback |= ss->fork || ss->exit;

View attachment "container-irq-fix.patch" of type "text/x-patch" (1710 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ