| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 11 Jun 2014 12:56:13 -0700 From: "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com> To: Oleg Nesterov <oleg@...hat.com> Cc: Thomas Gleixner <tglx@...utronix.de>, Steven Rostedt <rostedt@...dmis.org>, Linus Torvalds <torvalds@...ux-foundation.org>, LKML <linux-kernel@...r.kernel.org>, Peter Zijlstra <peterz@...radead.org>, Andrew Morton <akpm@...ux-foundation.org>, Ingo Molnar <mingo@...nel.org>, Clark Williams <williams@...hat.com> Subject: Re: safety of *mutex_unlock() (Was: [BUG] signal: sighand unprotected when accessed by /proc) On Wed, Jun 11, 2014 at 07:59:34PM +0200, Oleg Nesterov wrote: > On 06/11, Paul E. McKenney wrote: > > > > On Wed, Jun 11, 2014 at 07:17:34PM +0200, Oleg Nesterov wrote: > > > On 06/11, Oleg Nesterov wrote: > > > > > > > > On 06/11, Paul E. McKenney wrote: > > > > > > > > > raw_spin_unlock_irqrestore(&rnp->lock, flags); > > > > > rt_mutex_lock(&mtx); /* Side effect: boosts task t's priority. */ > > > > > rt_mutex_unlock(&mtx); /* Keep lockdep happy. */ > > > > > > > > > > + /* Wait until boostee is done accessing mtx before reinitializing. */ > > > > > + wait_for_completion(&rnp->boost_completion); > > > > > + > > > > > > > > I must have missed something, I dont understand why we need ->boost_completion. > > > > > > > > What if you simply move that rt_mutex into rcu_node ? > > > > > > > > Or. Given that rcu_boost_kthread() never exits, it can declare this mutex > > > > on stack and pass the pointer to rcu_boost() ? > > > > > > Ah, please ignore, I forgot about init_proxy_locked(). Although perhaps this > > > can be solved easily. > > > > You beat me to it. ;-) > > > > I was thinking of ->boost_completion as the way to solve it easily, but > > what did you have in mind? > > I meant, rcu_boost() could probably just do "mtx->owner = t", we know that > it was unlocked by us and nobody else can use it until we set > t->rcu_boost_mutex. My concern with this is that rcu_read_unlock_special() could hypothetically get preempted (either by kernel or hypervisor), so that it might be a long time until it makes its reference. But maybe that reference would be harmless in this case. > And if we move it into rcu_node, then we can probably kill ->rcu_boost_mutex, > rcu_read_unlock_special() could check rnp->boost_mutex->owner == current. If this was anywhere near a hot code path, I would be sorely tempted. > But you know, I also think that the dentist removed the rest of my brains > along my tooth, so I am not sure if I actually have something in mind. Ouch!!! When that happens to me, most of my brains return some time after the anesthetic wears off, but I know the feeling! Thanx, Paul -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists