lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20140613150830.GB31794@redhat.com>
Date:	Fri, 13 Jun 2014 17:08:30 +0200
From:	Oleg Nesterov <oleg@...hat.com>
To:	"Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>
Cc:	Thomas Gleixner <tglx@...utronix.de>,
	Steven Rostedt <rostedt@...dmis.org>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	LKML <linux-kernel@...r.kernel.org>,
	Peter Zijlstra <peterz@...radead.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Ingo Molnar <mingo@...nel.org>,
	Clark Williams <williams@...hat.com>
Subject: Re: safety of *mutex_unlock() (Was: [BUG] signal: sighand
	unprotected when accessed by /proc)

On 06/12, Paul E. McKenney wrote:
>
> @@ -398,11 +399,9 @@ void rcu_read_unlock_special(struct task_struct *t)
>  #ifdef CONFIG_RCU_BOOST
>  		if (&t->rcu_node_entry == rnp->boost_tasks)
>  			rnp->boost_tasks = np;
> -		/* Snapshot/clear ->rcu_boost_mutex with rcu_node lock held. */
> -		if (t->rcu_boost_mutex) {
> -			rbmp = t->rcu_boost_mutex;
> -			t->rcu_boost_mutex = NULL;
> -		}
> +		/* Snapshot/clear ->boost_mutex with rcu_node lock held. */
> +		if (rt_mutex_owner(&rnp->boost_mtx) == t)
> +			rbmp = &rnp->boost_mtx;

The comment above looks confusing after this change ;) We do not clear it,
and it doesn't explain "with rcu_node lock held".

And, with or without this change it is not obvious why do we need "rbmp",
after this patch this becomes even more unobvious.

This is subjective of course, but perhaps it would be more understandable
to do

	bool xxx;

	...

	// Check this under rcu_node lock to ensure that unlock below
	// can't race with rt_mutex_init_proxy_locked() in progress.
	xxx = rt_mutex_owner(&rnp->boost_mtx) == t;

	...

	// rnp->lock was dropped
	if (xxx)
		rt_mutex_unlock(&rnp->boost_mtx);


But this is very minor, I won't insist of course. Mostly I am just trying
to check my understanding.

Oleg.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ