Message-Id: <20170511145028.GD3956@linux.vnet.ibm.com>
Date:   Thu, 11 May 2017 07:50:28 -0700
From:   "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>
To:     Petr Mladek <pmladek@...e.com>
Cc:     Steven Rostedt <rostedt@...dmis.org>,
        Josh Poimboeuf <jpoimboe@...hat.com>,
        Jessica Yu <jeyu@...hat.com>, Jiri Kosina <jikos@...nel.org>,
        Miroslav Benes <mbenes@...e.cz>, live-patching@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/3] livepatch/rcu: Warn when system consistency is
 broken in RCU code

On Thu, May 11, 2017 at 03:52:46PM +0200, Petr Mladek wrote:
> On Mon 2017-05-08 15:13:22, Steven Rostedt wrote:
> > On Mon, 8 May 2017 11:51:08 -0500
> > Josh Poimboeuf <jpoimboe@...hat.com> wrote:
> > 
> > > Another idea would be to figure out a way to stop using RCU in
> > > klp_ftrace_handler() altogether.
> > > 
> > 
> > That may work if rcu_enter_irq() doesn't. But that's how NMIs use rcu.
> 
> I am a bit confused by the above. Does it mean that RCU could not be
> used in NMI handlers?

Only RCU readers can be used in NMI handlers, that is, rcu_read_lock(),
rcu_read_unlock(), rcu_dereference(), and so on.

							Thanx, Paul

> Anyway, a crazy idea is to use the livepatch consistency model instead
> of RCU to protect the function stack. The model makes sure that all
> tasks, including the idle ones, were not running any patched function
> (and their ftrace handlers) at some point. It should be safe
> but I am not sure if it is worth it.
> 
> Alternatively, it might be enough to use the probably more lightweight
> solution that is used when ftrace handlers are deregistered, I mean:
> 
> 	/*
> 	 * We need to do a hard force of sched synchronization.
> 	 * This is because we use preempt_disable() to do RCU, but
> 	 * the function tracers can be called where RCU is not watching
> 	 * (like before user_exit()). We can not rely on the RCU
> 	 * infrastructure to do the synchronization, thus we must do it
> 	 * ourselves.
> 	 */
> 	schedule_on_each_cpu(ftrace_sync);
> 
> 	/*
> 	 * When the kernel is preemptive, tasks can be preempted
> 	 * while on a ftrace trampoline. Just scheduling a task on
> 	 * a CPU is not good enough to flush them. Calling
> 	 * synchronize_rcu_tasks() will wait for those tasks to
> 	 * execute and either schedule voluntarily or enter user space.
> 	 */
> 	if (IS_ENABLED(CONFIG_PREEMPT))
> 		synchronize_rcu_tasks();
> 
> 
> 
> Best  Regards,
> Petr
> 
