| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20110616123554.GA7230@hawkmoon.kerlabs.com>
Date: Thu, 16 Jun 2011 14:35:55 +0200
From: Louis Rilling <Louis.Rilling@...labs.com>
To: Greg Kurz <gkurz@...ibm.com>
Cc: Oleg Nesterov <oleg@...hat.com>, linux-kernel@...r.kernel.org,
ebiederm@...ssion.com, containers@...ts.osdl.org,
akpm@...ux-foundation.org, xemul@...nvz.org
Subject: Re: [PATCH] Introduce ActivePid: in /proc/self/status (v2, was
Vpid:)
On 16/06/11 13:01 +0200, Greg Kurz wrote:
> On Wed, 2011-06-15 at 20:46 +0200, Oleg Nesterov wrote:
> > On 06/15, Greg Kurz wrote:
> > >
> > > @@ -176,6 +177,17 @@ static inline void task_state(struct seq_file *m, struct pid_namespace *ns,
> > > if (tracer)
> > > tpid = task_pid_nr_ns(tracer, ns);
> > > }
> > > + actpid = 0;
> > > + sighand = rcu_dereference(p->sighand);
> > > + if (sighand) {
> > > + struct pid_namespace *pid_ns;
> > > + unsigned long flags;
> > > + spin_lock_irqsave(&sighand->siglock, flags);
> >
> > Well. This is not exactly right. We have lock_task_sighand() for this.
> >
>
> I see... ->sighand could change so we need the for(;;) loop in
> __lock_task_sighand() to be sure we have the right pointer, correct ?
> By the way, if we use lock_task_sighand() we'll end up with nested
> rcu_read_lock(): it will work but I don't know how it may affect
> performance...
rcu_read_lock() is very cheap.
>
> > But. Why do you need ->siglock? Why rcu_read_lock() is not enough?
> >
>
> Because there's a race with
> __exit_signal()->__unhash_process()->detach_pid() that can break
> task_active_pid_ns() and rcu won't help here (unless *perhaps* by
> modifying __exit_signal() but I don't want to mess with such a critical
> path).
In case of race, the only risk is that task_active_pid_ns() returns NULL.
Otherwise, RCU guarantees that the pid_ns will stay alive (see below).
>
> > Hmm. You don't even need pid_ns afaics, you could simply look at
> > pid->numbers[pid->level].
> >
>
> True but I will have the same problem: detach_pid() nullifies the pid.
But the pid won't be freed until an RCU grace period expires. See free_pid(). So
the non-determinism here is when /proc/<pid>/status is read at the same as
threaded execve() or task's exit(), in which case a stale pid (execve()) or
no pid (exit after __unhash_process()) can be accessed. This does not look like
a big deal...
Thanks,
Louis
>
> Thanks for your comments.
>
> --
> Greg
>
> _______________________________________________
> Containers mailing list
> Containers@...ts.linux-foundation.org
> https://lists.linux-foundation.org/mailman/listinfo/containers
--
Dr Louis Rilling Kerlabs
Skype: louis.rilling Batiment Germanium
Phone: (+33|0) 6 80 89 08 23 80 avenue des Buttes de Coesmes
http://www.kerlabs.com/ 35700 Rennes
Download attachment "signature.asc" of type "application/pgp-signature" (198 bytes)
Powered by blists - more mailing lists