Date:	Thu,  5 Feb 2009 12:45:21 -0800 (PST)
From:	Roland McGrath <roland@...hat.com>
To:	Oleg Nesterov <oleg@...hat.com>
Cc:	Andrew Morton <akpm@...ux-foundation.org>,
	Ingo Molnar <mingo@...e.hu>, Lin Ming <ming.m.lin@...el.com>,
	Peter Zijlstra <peterz@...radead.org>,
	"Zhang, Yanmin" <yanmin_zhang@...ux.intel.com>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/2] posix-cpu-timers: use ->sighand instead of
	->signal to check the task is alive

> We can't use them as refcounts. You can't bump ->live or ->count without
> breaking group_dead or exec logic. Perhaps we can use ->count, but then
> we need other changes. 

We certainly need to clean up exec anyway.

> But this has nothing to do with this patch.

Agreed.

> The goal is to keep task->signal after release_task(), it will be freed
> by __put_task_struct(). This allows a lot of simplifications and we can
> move some fields from task_struct to signal_struct.

That sounds fine to me in theory, but I still wonder what the story will be
about the use of siglock.

> But first we should change the code which does [...]

I did understand the rationale given the signal_struct lifetime change.

> > Uses here protecting cpu_clock_sample_group() e.g., are
> > around looking at ->signal->foobar, so if ->signal is still there, why not
> > look at it and be able to get the sample in whatever small window this is?
> 
> What if arm_timer() sees ->signal != NULL, proceeds, and attaches the
> timer to the signal_struct of the already dead task? This signal_struct
> will be released with the pending timer.

Of course.  I distinctly mentioned the read-only uses (sample).

> Even cpu_clock_sample_group() is not safe, unless we add other changes.

Why?  It does no locking and only relies on the signal_struct lifetime.

> But in any case. Even if we don't need the further changes, do you
> agree this patch is correct and doesn't change the behaviour?

Yes.


Thanks,
Roland