lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 29 Aug 2017 20:57:27 +0200
From:   Peter Zijlstra <peterz@...radead.org>
To:     Byungchul Park <max.byungchul.park@...il.com>
Cc:     Tejun Heo <tj@...nel.org>, Byungchul Park <byungchul.park@....com>,
        johannes.berg@...el.com, Ingo Molnar <mingo@...nel.org>,
        tglx@...utronix.de,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        kernel-team@....com
Subject: Re: [RFC] workqueue: remove manual lockdep uses to detect deadlocks

On Sat, Aug 26, 2017 at 12:49:26AM +0900, Byungchul Park wrote:
> > However, how would it distinguish things like flushing another work
> 
> I think it must be distinguished with what it actually waits for, e.i.
> completion
> variables instead of work or wq. I will make it next week and let you know.

So no. The existing annotations are strictly better than relying on
cross-release.

As you know the problem with cross-release is that it is timing
dependent. You need to actually observe the problematic sequence before
it can warn, and only the whole instance->class mapping saves us from
actually hitting the deadlock.

Cross-release can result in deadlocks without warnings. If you were to
run:

	mutex_lock(A);
					mutex_lock(A);
					complete(C);
	wait_for_completion(C);

You'd deadlock without issue. Only if we observe this:

	mutex_lock(A);
	wait_for_completion(C);
					mutex_lock(A);
					complete(C);

Where we acquire A after wait_for_completion() but before complete()
will we observe the deadlock.

The same would be true for using cross-release for workqueues as well,
something like:

					W:
					mutex_lock(A)

	mutex_lock(A)
	flush_work(W)

would go unreported whereas the current workqueue annotation will
generate a splat.


This does not mean cross-release isn't worth it, its better than nothing,
but its strictly weaker than traditional annotations.

So where a traditional annotation is possible, we should use them.

Powered by blists - more mailing lists