| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 20 Jan 2009 11:58:32 +0900 From: KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com> To: Paul Menage <menage@...gle.com> Cc: "linux-mm@...ck.org" <linux-mm@...ck.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "lizf@...fujitsu.com" <lizf@...fujitsu.com>, "balbir@...ux.vnet.ibm.com" <balbir@...ux.vnet.ibm.com>, "nishimura@....nes.nec.co.jp" <nishimura@....nes.nec.co.jp>, "akpm@...ux-foundation.org" <akpm@...ux-foundation.org> Subject: Re: [PATCH 2/4] cgroup:add css_is_populated On Mon, 19 Jan 2009 18:23:03 -0800 Paul Menage <menage@...gle.com> wrote: > On Mon, Jan 19, 2009 at 6:02 PM, KAMEZAWA Hiroyuki > <kamezawa.hiroyu@...fujitsu.com> wrote: > > Ah, this is related to CSS ID scanning. No real problem to current codes. > > > > Now, in my patch, CSS ID is attached just after create(). > > > > Then, "scan by CSS ID" can find a cgroup which is not populated yet. > > I just wanted to skip them for avoiding mess. > > > > For example, css_tryget() can succeed against css which belongs to not-populated > > cgroup. If creation of cgroup fails, it's destroyed and freed without RCU synchronize. > > This may breaks CSS ID scanning's assumption that "we're safe under rcu_read_lock". > > And allows destroy css while css->refcnt > 1. > > So for the CSS ID case, we could solve this by not populating > css_id->css until creation is guaranteed to have succeeded? (We'd > still allocated the css_id along with the subsystem, just not complete > its initialization). cgroup.c already knows about and hides the > details of css_id, so this wouldn't be hard. > Hmm, moving this call to after populate is not good because id > max_id cannot be handled ;) > + if (ss->use_id) > + if (alloc_css_id(ss, parent, cgrp)) > + goto err_destroy; > + /* At error, ->destroy() callback has to free assigned ID. */ > } Should I delay to set css_id->css pointer to valid value until the end of populate() ? (add populage_css_id() call after cgroup_populate_dir()). I'd like to write add-on patch to the patch [1/4]. (or update it.) css_id->css == NULL case is handled now, anyway. > The question is whether other users of css_tryget() might run into > this problem, without using CSS IDs. But currently no-one's using > css_tryget() apart from you, so that's a problem we can solve as it > arises. > yes ;) > I think we're safe from css_get() being used in this case, since > css_get() can only be used on css references obtained from a locked > task, or from other pointers that are known to be ref-counted, which > would be impossible if css_tryget() can't succeed on a css in the > partially-completed state. > > Thanks, I'll try some other patch. Maybe it's ok to delay updating css_id->css pointer. -Kame -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists