lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 11 May 2011 21:53:33 +0200
From:	Tejun Heo <tj@...nel.org>
To:	Oleg Nesterov <oleg@...hat.com>
Cc:	jan.kratochvil@...hat.com, vda.linux@...glemail.com,
	linux-kernel@...r.kernel.org, torvalds@...ux-foundation.org,
	akpm@...ux-foundation.org, indan@....nu
Subject: Re: [PATCH 10/11] ptrace: move JOBCTL_TRAPPING wait to wait(2) and
 ptrace_check_attach()

Hello,

On Wed, May 11, 2011 at 06:49:47PM +0200, Oleg Nesterov wrote:
> On 05/08, Tejun Heo wrote:
> > this patch moves TRAPPING wait from attach completion path to
> > operations which are actually affected by the transition - wait(2) and
> > following ptrace(2) requests.
> 
> You know, I'd wish I could find the serious bugs in this patch. The
> code becomes really hairy. -EAGAIN in do_wait() doesn't make it more
> simple ;)

I don't know.  Why is retrying hairy?  The whole waiting logic is
built for clean retries.  The suggested change just does it without
intervening sleeping and waking up.  I don't see anything particularly
hairy there.

> > Both wait and ptrace paths are updated to retry the operation after
> > TRAPPING wait.  Note that wait_task_stopped() now always grabs siglock
> > for ptrace waits.  This can be avoided with "task_stopped_code() ->
> > rmb() -> TRAPPING -> rmb() -> task_stopped_code()" sequence
> 
> And so far I think this would be better, because it seems we can avoid
> the retry logic.

Well, the above memory barrier dance wouldn't really change whether
retry logic is required or not and I'd _really_ like to avoid complex
barrier dances.  Even the typical write-B wmb() write-A / read-A rmb()
read-B barriers often confuse people.  I don't wanna throw in stacked
wmb()/rmb() pairs there even if that means an extra locking for ptrace
waits.

> First of all, this patch returns one of the user-visible and undesirable
> changes. The tracer know that the task is stopped, attaches, and then it
> can see the TASK_RUNNING tracee after ptrace(PTRACE_ATTACH) returns.

Yes, it does.  Sorry about forgetting to mention it in the patch
description.  I believe this is something we can swallow.

> I agree, this looks minor. But if we can tolerate this, probably we can
> tolerate another oddity: wait_task_stopped() can succeed and eat the
> stop code before the tracee actually stopps, no?
> 
> IOW, ignoring mb's and read-ordering, suppose that we simply change
> task_stopped_code:
> 
> 		if (ptrace) {
> 	-		if (task_is_stopped_or_traced(p))
> 	+		if (task_is_traced(p) || JOBCTL_TRAPPING)
> 				return &p->exit_code;
> 		} else {
> 
> As for ptrace_check_attach(), it can simply do wait_event(), we
> only need to verify the caller is the tracer. No need to play with
> lock/unlock/retry.
> 
> What do you think?

Hmmm... interesting.  Yeah, the state is visible only through wait(2)
and ptrace(2) and for wait(2) TRAPPING is as good as STOPPED/TRACED
and we can wait all we want in ptrace_check_attach().  I'll think more
about it but seems like a nice idea.

Thank you.

-- 
tejun
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ