| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20160531110314.GA4254@leverpostej>
Date: Tue, 31 May 2016 12:03:15 +0100
From: Mark Rutland <mark.rutland@....com>
To: "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>
Cc: catalin.marinas@....com, dennis.chen@....com,
jiangshanlai@...il.com, josh@...htriplett.org,
linux-kernel@...r.kernel.org, mathieu.desnoyers@...icios.com,
rostedt@...dmis.org, steve.capper@....com, will.deacon@....com
Subject: Re: [PATCHv3] rcu: tree: correctly handle sparse possible cpus
On Mon, May 23, 2016 at 09:13:33AM -0700, Paul E. McKenney wrote:
> On Mon, May 23, 2016 at 11:42:59AM +0100, Mark Rutland wrote:
> > In many cases in the RCU tree code, we iterate over the set of cpus for
> > a leaf node described by rcu_node::grplo and rcu_node::grphi, checking
> > per-cpu data for each cpu in this range. However, if the set of possible
> > cpus is sparse, some cpus described in this range are not possible, and
> > thus no per-cpu region will have been allocated (or initialised) for
> > them by the generic percpu code.
> >
> > Erroneous accesses to a per-cpu area for these !possible cpus may fault
> > or may hit other data depending on the addressed generated when the
> > erroneous per cpu offset is applied. In practice, both cases have been
> > observed on arm64 hardware (the former being silent, but detectable with
> > additional patches).
> >
> > To avoid issues resulting from this, we must iterate over the set of
> > *possible* cpus for a given leaf node. This patch add a new helper,
> > for_each_leaf_node_possible_cpu, to enable this. As iteration is often
> > intertwined with rcu_node local bitmask manipulation, a new
> > leaf_node_cpu_bit helper is added to make this simpler and more
> > consistent. The RCU tree code is made to use both of these where
> > appropriate.
>
> Thank you, Mark, queued for review and further testing.
>
> Thanx, Paul
Thanks Paul.
Unfortunately, it seems that in my haste to spin v3, I missed your suggested
logic to handle the !cpu_possible(rnp->grplo) case [1]. Sorry about that,
evidently I was not being sufficiently thorough.
Would you be happy to fold that in, as per the diff below? Otherwise I can send
that as a fixup patch, or a respin the whole thing as v4, per your preference.
I've given the below a spin on arm64 atop of -rcu/dev, with and without
RCU_BOOST and/or RCU_TRACE, and I've build-tested likewise for x86. I've
devised and tested the !cpu_possible(rnp->grplo) case by messing with the arm64
SMP code and the RCU tree fanout. So far everything seems happy: no build
issues, UBSAN splats, or other runtime failures.
So fingers crossed, that's the last issue with this patch blatted...
Thanks,
Mark.
[1] lkml.kernel.org/r/20160517190106.GJ3528@...ux.vnet.ibm.com
---->8----
diff --git a/kernel/rcu/tree.h b/kernel/rcu/tree.h
index dc0b7da..f714f87 100644
--- a/kernel/rcu/tree.h
+++ b/kernel/rcu/tree.h
@@ -291,7 +291,7 @@ struct rcu_node {
* Iterate over all possible CPUs in a leaf RCU node.
*/
#define for_each_leaf_node_possible_cpu(rnp, cpu) \
- for ((cpu) = rnp->grplo; \
+ for ((cpu) = cpumask_next(rnp->grplo - 1, cpu_possible_mask); \
cpu <= rnp->grphi; \
cpu = cpumask_next((cpu), cpu_possible_mask))
Powered by blists - more mailing lists