lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.DEB.1.10.0906221055480.10952@makko.or.mcafeemobile.com>
Date:	Mon, 22 Jun 2009 11:03:22 -0700 (PDT)
From:	Davide Libenzi <davidel@...ilserver.org>
To:	Gregory Haskins <ghaskins@...ell.com>
cc:	mst@...hat.com, kvm@...r.kernel.org,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	avi@...hat.com, paulmck@...ux.vnet.ibm.com,
	Ingo Molnar <mingo@...e.hu>,
	Rusty Russell <rusty@...tcorp.com.au>
Subject: Re: [PATCH 3/3] eventfd: add internal reference counting to fix
 notifier race conditions

On Mon, 22 Jun 2009, Gregory Haskins wrote:

> I am probably confused or perhaps have the wrong terminology, but isnt
> that "ok".  I am concerned about the consumer (the guy getting the
> POLLINs) to be able to detect POLLHUP when the last producer
> (f_ops->write() from userspace, eventfd_signal() from kernel) goes away.
> 
> Consider the following sequence:
> 
> -------------------
> 
> userspace calls "fd = eventfd()", and gives one to KVM as an irqfd, and
> the other to some PCI-passthrough device.
> 
> The kvm/irqfd side acquires a kref, the pci side acquires a file.  At
> this moment, userspace has the fd, and the pci device has the file (for
> eventfd_signal()).  The fget() count is 2.  Userspace closes the fd
> because its done with it, and the count drops to 1.
> 
> Some time later, pci does an fput(), and KVM sees the POLLHUP and cleans up.
> 
> -------------------
> 
> In this new model, the POLLHUP would have gone out as soon as userspace
> closed the fd, even though the intended producer (the PCI device) and
> the consumer (the KVM guest) are still up and running.  This doesnt seem
> right to me.  Or am I missing something?

What you're doing there, is setting up a kernel-to-kernel (since 
userspace only role is to create the eventfd) communication, using a file* 
as accessory. That IMO is plain wrong.
If userspace is either the producer, or the consumer, and you need to 
handle userspace leaving the building, you need to:

	file = eventfd_fget(fd);
	ctx = eventfd_ctx_get(file); /* Eventually, if producer */
	eventfd_pollcb_register(file, ...);
	fput(file);

In your case of kernel-to-kernel scenario, why would you need eventfd at 
all, if userspace role in that model is simply to create it?
There are more effective ways to have in kernel communication channels, 
than resorting to userspace link facilities like eventfd.



- Davide


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ