lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 10 Jun 2014 10:37:26 +0200
From:	Peter Zijlstra <peterz@...radead.org>
To:	"Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>
Cc:	Oleg Nesterov <oleg@...hat.com>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Steven Rostedt <rostedt@...dmis.org>,
	LKML <linux-kernel@...r.kernel.org>,
	Thomas Gleixner <tglx@...utronix.de>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Ingo Molnar <mingo@...nel.org>,
	Clark Williams <williams@...hat.com>
Subject: Re: safety of *mutex_unlock() (Was: [BUG] signal: sighand
 unprotected when accessed by /proc)

On Mon, Jun 09, 2014 at 09:26:13AM -0700, Paul E. McKenney wrote:
> That would indeed be a bad thing, as it could potentially lead to
> use-after-free bugs.  Though one could argue that any code that resulted
> in use-after-free would be quite aggressive.  But still...

Let me hijack this thread for yet another issue... So I had an RCU
related use-after-free the other day, and while Sasha was able to
trigger it quite easily, I had a multi-day struggle to reproduce.

Once I figured out what the exact problem was it was also clear to me
why it was so hard for me to reproduce.

So normally its easier to trigger races on bigger machines, more cpus,
more concurrency, more races, all good.

_However_ with RCU the grace period machinery is slower the bigger the
machine, so bigger machine, slower grace period, slower RCU free, less
likely to hit use-after-free.

So I was thinking, and I know you all will go kick me for this because
the very last thing we need is what I'm about to propose: more RCU
flavours :-).

How about an rcu_read_unlock() reference counted RCU variant that's
ultra aggressive in doing the callbacks in order to better trigger such
issues?

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ