lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20110616132551.GB7230@hawkmoon.kerlabs.com>
Date:	Thu, 16 Jun 2011 15:25:51 +0200
From:	Louis Rilling <Louis.Rilling@...labs.com>
To:	Greg Kurz <gkurz@...ibm.com>
Cc:	Oleg Nesterov <oleg@...hat.com>, linux-kernel@...r.kernel.org,
	ebiederm@...ssion.com, containers@...ts.osdl.org,
	akpm@...ux-foundation.org, xemul@...nvz.org
Subject: Re: [PATCH] Introduce ActivePid: in /proc/self/status (v2, was
	Vpid:)

On 16/06/11 15:00 +0200, Greg Kurz wrote:
> On Thu, 2011-06-16 at 14:35 +0200, Louis Rilling wrote:
> > On 16/06/11 13:01 +0200, Greg Kurz wrote:
> > > On Wed, 2011-06-15 at 20:46 +0200, Oleg Nesterov wrote:
> > > > On 06/15, Greg Kurz wrote:
> > > > >
> > > > > @@ -176,6 +177,17 @@ static inline void task_state(struct seq_file *m, struct pid_namespace *ns,
> > > > >  		if (tracer)
> > > > >  			tpid = task_pid_nr_ns(tracer, ns);
> > > > >  	}
> > > > > +	actpid = 0;
> > > > > +	sighand = rcu_dereference(p->sighand);
> > > > > +	if (sighand) {
> > > > > +		struct pid_namespace *pid_ns;
> > > > > +		unsigned long flags;
> > > > > +		spin_lock_irqsave(&sighand->siglock, flags);
> > > > 
> > > > Well. This is not exactly right. We have lock_task_sighand() for this.
> > > > 
> > > 
> > > I see... ->sighand could change so we need the for(;;) loop in
> > > __lock_task_sighand() to be sure we have the right pointer, correct ?
> > > By the way, if we use lock_task_sighand() we'll end up with nested
> > > rcu_read_lock(): it will work but I don't know how it may affect
> > > performance...
> > 
> > rcu_read_lock() is very cheap.
> > 
> 
> Fair enough. In this case, lock_task_sighand() would be the right choice
> if locking is needed.
> 
> > > 
> > > > But. Why do you need ->siglock? Why rcu_read_lock() is not enough?
> > > > 
> > > 
> > > Because there's a race with
> > > __exit_signal()->__unhash_process()->detach_pid() that can break
> > > task_active_pid_ns() and rcu won't help here (unless *perhaps* by
> > > modifying __exit_signal() but I don't want to mess with such a critical
> > > path).
> > 
> > In case of race, the only risk is that task_active_pid_ns() returns NULL.
> > Otherwise, RCU guarantees that the pid_ns will stay alive (see below).
> > 
> > > 
> > > > Hmm. You don't even need pid_ns afaics, you could simply look at
> > > > pid->numbers[pid->level].
> > > > 
> > > 
> > > True but I will have the same problem: detach_pid() nullifies the pid.
> > 
> > But the pid won't be freed until an RCU grace period expires. See free_pid(). So
> > the non-determinism here is when /proc/<pid>/status is read at the same as
> > threaded execve() or task's exit(), in which case a stale pid (execve()) or
> > no pid (exit after __unhash_process()) can be accessed. This does not look like
> > a big deal...
> > 
> 
> Ok. You're right, the RCU grace period is just what I need to ensure I
> won't dereference a stale pointer. So I don't even have to bother with
> ->siglock and just check pid_alive() before peeking into pid->numbers.

It ends like open-coding an optimized version of task_pid_vnr(). If the
optimization is really important (I guess this depends on the depth of recursive
pid namespaces), it would be better to re-write task_pid_vnr(). Otherwise, just
use task_pid_vnr() as it is.

Thanks,

Louis

> 
> > Thanks,
> > 
> > Louis
> > 
> 
> Thanks for your help.
> 
> --
> Greg
> 
> 
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

-- 
Dr Louis Rilling			Kerlabs
Skype: louis.rilling			Batiment Germanium
Phone: (+33|0) 6 80 89 08 23		80 avenue des Buttes de Coesmes
http://www.kerlabs.com/			35700 Rennes

Download attachment "signature.asc" of type "application/pgp-signature" (198 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ