lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 26 Sep 2013 09:09:54 +0800
From:	zhang.yi20@....com.cn
To:	linux-kernel@...r.kernel.org
Cc:	Peter Zijlstra <peterz@...radead.org>,
	Darren Hart <dvhart@...ux.intel.com>,
	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...nel.org>
Subject: [PATCH] futex: Remove the owner check when waking task in
 handle_futex_death


Hi all,

Task processes all its owned robust futex when it is exiting,
to ensure the futexes can be taken by other tasks.

Though this can not work good in sometimes.
Think about this scene:
1. A robust mutex is shared for two processes, each process has
   multi threads to lock the mutex.
2. One of the threads locks the mutex, and the others are waiting
   and sorted in order of priority.
3. The process to which the mutex owner thread belongs is dying
   without unlocking the mutex,and handle_futex_death is invoked
   to wake the first waiter.
4. If the first waiter belongs to the same process,it has no chance
   to return to the userspace to lock the mutex, and it won't wake
   the next waiter because it is not the owner of the mutex.
5. The rest waiters of the other process may block forever.

This patch remove the owner check when waking task in handle_futex_death.
If above occured, The dying task can wake the next waiter by processing its list_op_pending.
The waked task could return to userspace and try to lock the mutex again.


Signed-off-by: Zhang Yi <zhang.yi20@....com.cn>
Reviewed-by: Xie Baoyou <xie.baoyou@....com.cn>
Reviewed-by: Lu Zhongjun <lu.zhongjun@....com.cn>



--- linux/kernel/futex.c	2013-09-25 09:24:34.639634244 +0000
+++ linux/kernel/futex.c	2013-09-25 10:12:17.619673546 +0000
@@ -2541,14 +2541,15 @@ retry:
 		}
 		if (nval != uval)
 			goto retry;
-
-		/*
-		 * Wake robust non-PI futexes here. The wakeup of
-		 * PI futexes happens in exit_pi_state():
-		 */
-		if (!pi && (uval & FUTEX_WAITERS))
-			futex_wake(uaddr, 1, 1, FUTEX_BITSET_MATCH_ANY);
 	}
+
+	/*
+	 * Wake robust non-PI futexes here. The wakeup of
+	 * PI futexes happens in exit_pi_state():
+	 */
+	if (!pi)
+		futex_wake(uaddr, 1, 1, FUTEX_BITSET_MATCH_ANY);
+
 	return 0;
 }

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ