lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 21 Dec 2011 21:04:24 +0100
From:	Frederic Weisbecker <fweisbec@...il.com>
To:	Mandeep Singh Baines <msb@...omium.org>
Cc:	Oleg Nesterov <oleg@...hat.com>, Li Zefan <lizf@...fujitsu.com>,
	Tejun Heo <tj@...nel.org>, LKML <linux-kernel@...r.kernel.org>,
	Containers <containers@...ts.linux-foundation.org>,
	Cgroups <cgroups@...r.kernel.org>,
	KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com>,
	Paul Menage <paul@...lmenage.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	"Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>
Subject: Re: Q: cgroup: Questions about possible issues in cgroup locking

On Wed, Dec 21, 2011 at 11:24:13AM -0800, Mandeep Singh Baines wrote:
> Frederic Weisbecker (fweisbec@...il.com) wrote:
> > On Wed, Dec 21, 2011 at 11:01:02AM -0800, Mandeep Singh Baines wrote:
> > > Frederic Weisbecker (fweisbec@...il.com) wrote:
> > > > On Wed, Dec 21, 2011 at 02:08:48PM +0100, Oleg Nesterov wrote:
> > > > > On 12/21, Frederic Weisbecker wrote:
> > > > > > Hi,
> > > > > >
> > > > > > Starring at some parts of cgroups, I have a few questions:
> > > > > >
> > > > > > - Is cgroup_enable_task_cg_list()'s while_each_thread() safe
> > > > > > against concurrent exec()? The leader may change in de_thread()
> > > > > > and invalidate the test done in while_each_thread().
> > > > > 
> > > > > Yes. Oh, we need to do something with while_each_thread.
> > > > 
> > > > Would something like this work?
> > > > 
> > > > diff --git a/include/linux/sched.h b/include/linux/sched.h
> > > > index c0c5876..e002a00 100644
> > > > --- a/include/linux/sched.h
> > > > +++ b/include/linux/sched.h
> > > > @@ -2293,8 +2293,12 @@ extern bool current_is_single_threaded(void);
> > > >  #define do_each_thread(g, t) \
> > > >  	for (g = t = &init_task ; (g = t = next_task(g)) != &init_task ; ) do
> > > >  
> > > > -#define while_each_thread(g, t) \
> > > > -	while ((t = next_thread(t)) != g)
> > > > +#define while_each_thread(g, t)					\
> > > > +	while (({						\
> > > > +		struct task_struct *__prev = t;			\
> > > > +		t = next_thread(t);				\
> > > > +		t != __prev && t != g;				\
> > > 
> > > Hi,
> > > 
> > > Don't you still have an (highly unlikely) race if you exec
> > > and then pthread_create()?
> > 
> > I'm not sure what you mean.
> 
> Here is what I'm thinking:
> 
> If you call exec from a thread other than g, g is now unlinked. So
> "t != g" will always be true. If you then pthread_create, you now
> have two threads so "t != __prev" will also always be true. So
> you now have an infinite loop.

Oh you're right.

But then we can't use t != t->group_leader because that assumes while_each_thread()
started on the leader. Or may be we can take this assumption...

> 
> > 
> > > 
> > > Instead of:
> > > 
> > > t != __prev && t != g;
> > > 
> > > How about:
> > > 
> > > t != t->group_leader;
> > 
> > That might work too but we need a pair of memory barriers.
> 
> next_thread() calls list_entry_rcu. Shouldn't that protect against
> a dereference? You don't need to synchronize group_leader since
> you are only using it as a value. You don't dereference it.
> 
> Regards,
> Mandeep
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ