lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20120119153938.GA5198@google.com>
Date:	Thu, 19 Jan 2012 07:39:38 -0800
From:	Tejun Heo <tj@...nel.org>
To:	Vivek Goyal <vgoyal@...hat.com>
Cc:	axboe@...nel.dk, ctalbott@...gle.com, rni@...gle.com,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 01/12] blkcg: obtaining blkg should be enclosed inside
 rcu_read_lock()

Hello, Vivek.

On Thu, Jan 19, 2012 at 05:07:29AM -0500, Vivek Goyal wrote:
> On Wed, Jan 18, 2012 at 05:11:19PM -0800, Tejun Heo wrote:
> > When looking up or creating blkg's, both blk-throttle and cfq-iosched
> > drops rcu_read_lock() right after lookup is complete.  This isn't
> > safe.  Refcnt isn't incremented at that point and rcu lock is the only
> > thing holding the blkg.  It shouldn't be dropped until after refcnt is
> > incremented by the caller.
> 
> throtl_get_tg() and cfq_get_cfqg() are called with queue lock held and
> tg and cfqg are protected by queue lock as they can not go away as long
> as queue lock is held.

Ah, right.

> I had used rcu read lock to access blkcg pointer here. That's why when
> we are done with accessing blkcg, we drop rcu read lock and return back
> to caller with group pointer, which is aready holding either a queue
> lock or rcu read lock to protect returned group pointer.
>
> So if we are protecting blkcg using rcu, then it should make sense to
> take that lock inside throtl_get_tg() and cfq_get_cfqg() respectively and
> it should not be left to the caller?

No, no matter whatever synchronization scheme is in use, the code is
seriously screwed up if it's doing something like,

	lock();
	a = lookup();
	unlock();
	return a;

You should *NEVER* be doing that.  It can't serve any purpose and is
misleading at best.  In this case, the right thing to do is dropping
the rcu read locking and using annotated rcu deferencing macros to
enforce q locked || rcu read locked.  I'll update the patch.

Thanks.

-- 
tejun
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ