lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20161105213411.GA32353@quack2.suse.cz>
Date:   Sat, 5 Nov 2016 22:34:11 +0100
From:   Jan Kara <jack@...e.cz>
To:     Miklos Szeredi <miklos@...redi.hu>
Cc:     Jan Kara <jack@...e.cz>, Eric Paris <eparis@...hat.com>,
        linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: fsnotify_mark_srcu wtf?

On Wed 02-11-16 23:09:26, Miklos Szeredi wrote:
> We've got a report where a fanotify daemon that implements permission checks
> screws up and doesn't send a reply.  This then causes widespread hangs due to
> fsnotify_mark_srcu read side lock being held and thus causing synchronize_srcu()
> called from e.g. inotify_release()-> fsnotify_destroy_group()->
> fsnotify_mark_destroy_list() to block.

Yes. But if a program implementing permission checks does not reply, your
system is likely hosed anyway. We can only try to somewhat limit the
damage...

> Below program demonstrates the issue.  It should output a single line:
> 
> close(inotify_fd): success
> 
> Instead it outputs nothing, which means that close(inotify_fd) got blocked by
> the waiting permission event.
> 
> Wouldn't making the srcu per-group fix this?  Would that be too expensive?

Per-group would be IMHO too expensive. You can have lots of groups and I'm
not sure srcu would scale to that. Furthermore the SRCU protects the list
of groups that need to get notification so it would not even be easily
possible. Also Amir's solution is buggy - I'll comment on that as a reply
to his patch. I'll try to find something to improve the situation but so
far I have no good idea...

								Honza
-- 
Jan Kara <jack@...e.com>
SUSE Labs, CR

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ