lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 16 Jun 2011 15:00:51 +0200
From:	Greg Kurz <gkurz@...ibm.com>
To:	Louis Rilling <Louis.Rilling@...labs.com>
Cc:	Oleg Nesterov <oleg@...hat.com>, linux-kernel@...r.kernel.org,
	ebiederm@...ssion.com, containers@...ts.osdl.org,
	akpm@...ux-foundation.org, xemul@...nvz.org
Subject: Re: [PATCH] Introduce ActivePid: in /proc/self/status (v2, was
 Vpid:)

On Thu, 2011-06-16 at 14:35 +0200, Louis Rilling wrote:
> On 16/06/11 13:01 +0200, Greg Kurz wrote:
> > On Wed, 2011-06-15 at 20:46 +0200, Oleg Nesterov wrote:
> > > On 06/15, Greg Kurz wrote:
> > > >
> > > > @@ -176,6 +177,17 @@ static inline void task_state(struct seq_file *m, struct pid_namespace *ns,
> > > >  		if (tracer)
> > > >  			tpid = task_pid_nr_ns(tracer, ns);
> > > >  	}
> > > > +	actpid = 0;
> > > > +	sighand = rcu_dereference(p->sighand);
> > > > +	if (sighand) {
> > > > +		struct pid_namespace *pid_ns;
> > > > +		unsigned long flags;
> > > > +		spin_lock_irqsave(&sighand->siglock, flags);
> > > 
> > > Well. This is not exactly right. We have lock_task_sighand() for this.
> > > 
> > 
> > I see... ->sighand could change so we need the for(;;) loop in
> > __lock_task_sighand() to be sure we have the right pointer, correct ?
> > By the way, if we use lock_task_sighand() we'll end up with nested
> > rcu_read_lock(): it will work but I don't know how it may affect
> > performance...
> 
> rcu_read_lock() is very cheap.
> 

Fair enough. In this case, lock_task_sighand() would be the right choice
if locking is needed.

> > 
> > > But. Why do you need ->siglock? Why rcu_read_lock() is not enough?
> > > 
> > 
> > Because there's a race with
> > __exit_signal()->__unhash_process()->detach_pid() that can break
> > task_active_pid_ns() and rcu won't help here (unless *perhaps* by
> > modifying __exit_signal() but I don't want to mess with such a critical
> > path).
> 
> In case of race, the only risk is that task_active_pid_ns() returns NULL.
> Otherwise, RCU guarantees that the pid_ns will stay alive (see below).
> 
> > 
> > > Hmm. You don't even need pid_ns afaics, you could simply look at
> > > pid->numbers[pid->level].
> > > 
> > 
> > True but I will have the same problem: detach_pid() nullifies the pid.
> 
> But the pid won't be freed until an RCU grace period expires. See free_pid(). So
> the non-determinism here is when /proc/<pid>/status is read at the same as
> threaded execve() or task's exit(), in which case a stale pid (execve()) or
> no pid (exit after __unhash_process()) can be accessed. This does not look like
> a big deal...
> 

Ok. You're right, the RCU grace period is just what I need to ensure I
won't dereference a stale pointer. So I don't even have to bother with
->siglock and just check pid_alive() before peeking into pid->numbers.

> Thanks,
> 
> Louis
> 

Thanks for your help.

--
Greg


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ