lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20170416095137.2784-1-nicstange@gmail.com>
Date:   Sun, 16 Apr 2017 11:51:28 +0200
From:   Nicolai Stange <nicstange@...il.com>
To:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc:     Johannes Berg <johannes@...solutions.net>,
        "Paul E.McKenney" <paulmck@...ux.vnet.ibm.com>,
        Nicolai Stange <nicstange@...il.com>,
        linux-kernel@...r.kernel.org
Subject: [RFC PATCH 0/9] debugfs: per-file removal protection

Hello Greg,

this series implements the debugfs removal protection at file granularity,
meant to solve the livelock issue reported by Johannes [1]:

  Task 1               Task 2
  mutex_lock(&m);
                       debugfs_use_file_start(&d2, ...);
  debugfs_remove(d1);  mutex_lock(&m);

with d1 != d2.

In order to be able to store the additionally required per-dentry state,
a small container struct, debugfs_fsdata, will be allocated and installed
at ->d_fsdata.

The remaining question is if and how these debugfs_fsdata instances should
be freed. For one possible solution, please see
[9/9] ("debugfs: free debugfs_fsdata instances"). As stated in that patch's
description, I'm not convinced that it's a particularly good one -- it's
included only to show how a lock-free/RCU based scheme would look like.
In order to avoid frequent allocations and deallocations, I'd personally
not free the debugfs_fsdata instances at all: there would be exactly one
per debugfs file ever opened, which probably isn't too much. If you don't
agree, I can try and see how a simpler solution based on a global spinlock
would look like... Any advice on how to proceed with this welcome!


Thanks,

Nicolai

[1] http://lkml.kernel.org/r/1490280886.2766.4.camel@sipsolutions.net


Nicolai Stange (9):
  debugfs: add support for more elaborate ->d_fsdata
  debugfs: implement per-file removal protection
  debugfs: debugfs_real_fops(): drop __must_hold sparse annotation
  debugfs: convert to debugfs_file_get() and -put()
  IB/hfi1: convert to debugfs_file_get() and -put()
  debugfs: purge obsolete SRCU based removal protection
  debugfs: call debugfs_real_fops() only after debugfs_file_get()
  debugfs: defer debugfs_fsdata allocation to first usage
  debugfs: free debugfs_fsdata instances

 drivers/infiniband/hw/hfi1/debugfs.c |  20 +--
 fs/debugfs/file.c                    | 272 +++++++++++++++++++++++------------
 fs/debugfs/inode.c                   |  55 +++++--
 fs/debugfs/internal.h                |  15 ++
 include/linux/debugfs.h              |  33 +----
 lib/Kconfig.debug                    |   1 -
 6 files changed, 256 insertions(+), 140 deletions(-)

-- 
2.12.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ