| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 25 Feb 2016 17:34:23 +0000 From: Al Viro <viro@...IV.linux.org.uk> To: Peter Zijlstra <peterz@...radead.org> Cc: Oleg Nesterov <oleg@...hat.com>, Sasha Levin <sasha.levin@...cle.com>, akpm@...ux-foundation.org, linux-kernel@...r.kernel.org, mingo@...nel.org Subject: Re: [PATCH] signals: work around random wakeups in sigsuspend() On Thu, Feb 25, 2016 at 09:11:44AM +0100, Peter Zijlstra wrote: > > Out of curiousity - where did that stray wakeup come from? PTRACE_KILL > > used to trigger those, but that got fixed. How does one trigger that > > kind of bugs on the current kernels? > > Its a regular TASK_INTERRUPTIBLE sleep, for those spurious wakeups are > not a bug, they're pretty fundamentally allowed. They are, which makes any code that doesn't expect them in such situations buggy. > See: lkml.kernel.org/r/CA+55aFwHkOo+YGWKYROmce1-H_uG3KfEUmCkJUerTj=ojY2H6Q@...l.gmail.com I know. The question is not whether the code must take them into account (it must; it's a bug not to), it's what's a good way to trigger such bugs. IOW, how to stress-test for such bugs? PTRACE_KILL used to be a convenient way to arrange for a wakeup delivered to victim engaged in something we want to stress; it doesn't do blind wake_up_process() anymore, so that trick is gone. Is there anything similar? Suppose I have a dodgy waitqueue code (pardon the redundancy) in some filesystem. I have some idea how to maneuver a process into such-and-such part of that code; is there any convenient way to turn that into "... OK, now let's add bombing it with stray wakeups"?
Powered by blists - more mailing lists