| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 17 Feb 2015 09:55:47 -0600 From: Josh Poimboeuf <jpoimboe@...hat.com> To: Miroslav Benes <mbenes@...e.cz> Cc: Jiri Slaby <jslaby@...e.cz>, Seth Jennings <sjenning@...hat.com>, Jiri Kosina <jkosina@...e.cz>, Vojtech Pavlik <vojtech@...e.cz>, Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>, live-patching@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [RFC PATCH 8/9] livepatch: allow patch modules to be removed On Mon, Feb 16, 2015 at 05:06:15PM +0100, Miroslav Benes wrote: > On Fri, 13 Feb 2015, Josh Poimboeuf wrote: > > > On Fri, Feb 13, 2015 at 05:17:10PM +0100, Miroslav Benes wrote: > > > On Fri, 13 Feb 2015, Josh Poimboeuf wrote: > > > > Hm, even with Jiri Slaby's suggested fix to add the completion to the > > > > unregister path, I still get a lockdep warning. This looks more insidious, > > > > related to the locking order of a kernfs lock and the klp lock. I'll need to > > > > look at this some more... > > > > > > Yes, I was afraid of this. Lockdep warning is a separate bug. It is caused > > > by taking klp_mutex in enabled_store. During rmmod klp_unregister_patch > > > takes klp_mutex and destroys the sysfs structure. If somebody writes to > > > enabled just after unregister takes the mutex and before the sysfs > > > removal, he would cause the deadlock, because enabled_store takes the > > > "sysfs lock" and then klp_mutex. That is exactly what the lockdep tells us > > > below. > > > > > > We can look for inspiration elsewhere. Grep for s_active through git log > > > of the mainline offers several commits which dealt exactly with this. Will > > > browse through that... > > > > Thanks Miroslav, please let me know what you find. It wouldn't surprise > > me if this were a very common problem. > > > > One option would be to move the enabled_store() work out to a workqueue > > or something. > > Yes, that is one possibility. It is not the only one. > > 1. we could replace mutex_lock in enabled_store with mutex_trylock. If the > lock was not acquired we would return -EBUSY. Or could we 'return > restart_syscall' (maybe after some tiny msleep)? Hm, doesn't that still violate the locking order rules? I thought locks always had to be taken in the same order -- always sysfs before klp, or klp before sysfs. Not sure if there would still be any deadlocks lurking, but lockdep might still complain. > 2. we could reorganize klp_unregister_patch somehow and move sysfs removal > out of mutex protection. Yeah, I was thinking about this too. Pretty sure we'd have to remove both the sysfs add and the sysfs removal from mutex protection. I like this option if we can get it to work. -- Josh -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists