lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20160518170951.GM3193@twins.programming.kicks-ass.net>
Date:	Wed, 18 May 2016 19:09:51 +0200
From:	Peter Zijlstra <peterz@...radead.org>
To:	Chris Metcalf <cmetcalf@...lanox.com>
Cc:	Gilad Ben Yossef <giladb@...hip.com>,
	Steven Rostedt <rostedt@...dmis.org>,
	Ingo Molnar <mingo@...nel.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Rik van Riel <riel@...hat.com>, Tejun Heo <tj@...nel.org>,
	Frederic Weisbecker <fweisbec@...il.com>,
	Thomas Gleixner <tglx@...utronix.de>,
	"Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>,
	Christoph Lameter <cl@...ux.com>,
	Viresh Kumar <viresh.kumar@...aro.org>,
	Catalin Marinas <catalin.marinas@....com>,
	Will Deacon <will.deacon@....com>,
	Andy Lutomirski <luto@...capital.net>,
	Michal Hocko <mhocko@...e.com>, linux-mm@...ck.org,
	linux-doc@...r.kernel.org, linux-api@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH v12 04/13] task_isolation: add initial support

On Wed, May 18, 2016 at 12:34:22PM -0400, Chris Metcalf wrote:
> On 5/18/2016 9:34 AM, Peter Zijlstra wrote:
> >On Tue, Apr 05, 2016 at 01:38:33PM -0400, Chris Metcalf wrote:
> >>diff --git a/kernel/signal.c b/kernel/signal.c
> >>index aa9bf00749c1..53e4e62f2778 100644
> >>--- a/kernel/signal.c
> >>+++ b/kernel/signal.c
> >>@@ -34,6 +34,7 @@
> >>  #include <linux/compat.h>
> >>  #include <linux/cn_proc.h>
> >>  #include <linux/compiler.h>
> >>+#include <linux/isolation.h>
> >>  #define CREATE_TRACE_POINTS
> >>  #include <trace/events/signal.h>
> >>@@ -2213,6 +2214,9 @@ relock:
> >>  		/* Trace actually delivered signals. */
> >>  		trace_signal_deliver(signr, &ksig->info, ka);
> >>+		/* Disable task isolation when delivering a signal. */
> >Why !? Changelog is quiet on this.
> 
> There are really two reasons.
> 
> 1. If the task is receiving a signal, it will know it's not isolated
>    any more, so we don't need to worry about notifying it explicitly.
>    This behavior is easy to document and allows the application to decide
>    if the signal is unexpected and it should go straight to its error
>    handling path (likely outcome, and in that case you want task isolation
>    off anyway) or if it thinks it can plausibly re-enable isolation and
>    return to where the signal interrupted you at (hard to imagine how this
>    would ever make sense, but you could if you wanted to).
> 
> 2. When we are delivering a signal we may already be holding the lock
>    for the signal subsystem, and it gets hard to figure out whether it's
>    safe to send another signal to the application as a "task isolation
>    broken" notification.  For example, sending a signal to a task on
>    another core involves doing an IPI to that core to kick it; the IPI
>    normally is a generic point for notifying the remote core of broken
>    task isolation and sending a signal - except that at the point where
>    we would do that on the signal path we are already holding the lock,
>    so we end up deadlocked.  We could no doubt work around that, but it
>    seemed cleaner to decouple the existing signal mechanism from the
>    signal delivery for task isolation.
> 
> I will add more discussion of the rationale to the commit message.

Please also expand the in-code comment, as that is what we'll see first
when reading the code.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ