lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20100326214906.GA18467@redhat.com>
Date:	Fri, 26 Mar 2010 22:49:06 +0100
From:	Oleg Nesterov <oleg@...hat.com>
To:	Balbir Singh <balbir@...ux.vnet.ibm.com>
Cc:	Andrew Morton <akpm@...ux-foundation.org>,
	Americo Wang <xiyou.wangcong@...il.com>,
	"Eric W. Biederman" <ebiederm@...ssion.com>,
	Hidetoshi Seto <seto.hidetoshi@...fujitsu.com>,
	Ingo Molnar <mingo@...e.hu>,
	Peter Zijlstra <peterz@...radead.org>,
	Roland McGrath <roland@...hat.com>,
	Spencer Candland <spencer@...ehost.com>,
	Stanislaw Gruszka <sgruszka@...hat.com>,
	linux-kernel@...r.kernel.org
Subject: Re: [RFC,PATCH 1/2] cputimers/proc: do_task_stat()->task_times()
	can race with getrusage()

On 03/26, Balbir Singh wrote:
>
> * Oleg Nesterov <oleg@...hat.com> [2010-03-24 21:45:50]:
>
> > do_task_stat()->task_times() can race with getrusage(), they both can
> > try to update task->prev_Xtime at the same time.
> >
> > Remove this bit of d180c5bc "sched: Introduce task_times() to replace
> > task_{u,s}time()".
>
> One of the reasons for adding this accuracy was to avoid sampling
> based noise and errors that occur with utime and stime.
>
> As long as there is no preemption during the assignment, I think we
> should be OK.

I don't think preemp_disable() can help. Probably we can use task_lock().


As for do_task_stat()->thread_group_times(), I think we can make it
rc-safe without breaking /bin/top.

	1. add spin_lock_irqsave(&sig->cputimer.lock) around
	   sig->prev_Xtime = max(...)

	2. Add a couple of barriers into thread_group_cputime()
	   and __exit_signal() so that without ->siglock we can
	   never overestimate utime/stime if we race with exit.

	   If we underestimate these values, this should be fine:

	   - the error can't be "systematic", the next read from
	     /prod/pid/stat will see the updated values

	   - the prev_Xtime logic in thread_group_times() ensures
	     the reported time can never go back.

	   IOW: at worse, cat /proc/pid/stat can miss the time
	   which the exited thread spent on CPU after the previous
	   read of /proc/pid/stat. This looks absolutely harmless,
	   the next read will see this time.

	   Probably we can even detect this case if we look at
	   sig->nr_threads and retry.

I'll try to make patches unless someone has a better idea.

I just can't accept the fact that we are doing while_each_thread()
under ->siglock here ;)

Oleg.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ