lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 06 Mar 2014 14:24:43 +0100
From:	Rasmus Villemoes <linux@...musvillemoes.dk>
To:	"H. Peter Anvin" <hpa@...or.com>
Cc:	Khalid Aziz <khalid.aziz@...cle.com>, tglx@...utronix.de,
	Ingo Molnar <mingo@...nel.org>, peterz@...radead.org,
	akpm@...ux-foundation.org, andi.kleen@...el.com, rob@...dley.net,
	viro@...iv.linux.org.uk, oleg@...hat.com, venki@...gle.com,
	linux-kernel@...r.kernel.org
Subject: Re: [RFC] [PATCH] Pre-emption control for userspace

"H. Peter Anvin" <hpa@...or.com> writes:

> I have several issues with this interface:
>
> 1. First, a process needs to know if it *should* have been preempted
> before it calls sched_yield().  So there needs to be a second flag set
> by the scheduler when granting amnesty.
>
> 2. A process which fails to call sched_yield() after being granted
> amnesty must be penalized.
>
> 3. I'm not keen on occupying a full page for this.  I'm wondering if
> doing a pointer into user space, futex-style, might make more sense.
> The downside, of course, is what happens if the page being pointed to is
> swapped out.

Is it possible to implement non-sleeping versions of {get,put}_user()?
That is, use the same basic approach (let the MMU do the hard work) but use
different, and simpler, "fixup" code (return -ESOMETHING on a major
fault).

If so, I think an extra pointer (->amnesty) and an extra bit
(->amnesty_granted) in task_struct suffices:

If the scheduler runs and tsk->amnesty_granted is true, penalize the
current task (and possibly clear tsk->amnesty_granted).

Otherwise, the task is granted amnesty provided these conditions are
met:

tsk->amnesty is non-NULL
get_user_nosleep(j, tsk->amnesty) succeeds
j is now 1
put_user_nosleep(YOU_WERE_LUCKY, tsk->amnesty) succeeds

If so, set amnesty_granted and let the thread continue; otherwise reschedule.

The userspace side would be something like

void *thread_func(void*)
{
     int Im_busy = 0;
     sched_need_amnesty(&Im_busy); /* better name needed */
     /* -EPERM if not allowed (new capability?) */

     /* go critical */
     Im_busy = 1;
     LOCK();
     do_stuff();
     UNLOCK();
     if (Im_busy != 1) {
          /* better play nice with the others */
          sched_yield();
     }
     Im_busy = 0;

     /* If the thread doesn't need the amnesty feature anymore, it can just do
     sched_need_amnesty(NULL); */
}


Rasmus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ