lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 19 Oct 2017 21:04:09 +0200 (CEST)
From:   Thomas Gleixner <tglx@...utronix.de>
To:     Bart Van Assche <Bart.VanAssche@....com>
cc:     "mingo@...nel.org" <mingo@...nel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "peterz@...radead.org" <peterz@...radead.org>,
        "linux-mm@...ck.org" <linux-mm@...ck.org>,
        "byungchul.park@....com" <byungchul.park@....com>,
        "kernel-team@....com" <kernel-team@....com>
Subject: Re: [PATCH v2 2/3] lockdep: Remove BROKEN flag of
 LOCKDEP_CROSSRELEASE

Bart,

On Thu, 19 Oct 2017, Bart Van Assche wrote:

> It seems like you are missing my point.

That might be a perception problem. 

> Cross-release checking is really *broken* as a concept. It is impossible
> to improve it to the same reliability level as the kernel v4.13 lockdep
> code. Hence my request to make it possible to disable cross-release
> checking if PROVE_LOCKING is enabled.

I did not read it as a request. If you'd had said:

  I have doubts about the concept and I think that it's impossible to
  handle the false positives up to the point where the existing lockdep
  infrastructure can do. Therefore I request that the feature gets an extra
  Kconfig entry (default y) or a command line parameter which allows to
  disable it in case of hard to fix false positive warnings, so the issue
  can be reported and normal lockdep testing can be resumed until the issue
  is fixed.

Then I would have said: That makes sense, as long as its default on and
people actually report the problems so the responsible developers can
tackle them.

What tripped me over was your statement:

  Many kernel developers, including myself, are not interested in spending
  time on analyzing false positive deadlock reports.

Which sends a completely different message.

> Consider the following example from the cross-release documentation:
> 
>    TASK X			   TASK Y
>    ------			   ------
> 				   acquire AX
>    acquire B /* A dependency 'AX -> B' exists */
>    release B
>    release AX held by Y
> 
> My understanding is that the cross-release code will add (AX, B) to the lock
> order graph after having encountered the above code. I think that's wrong
> because if the following sequence (Y: acquire AX, X: acquire B, X: release B)
> is encountered again that there is no guarantee that AX can only be released
> by X. Any task other than X could release that synchronization object too.

Emphasis on could.

That's not a lockdep problem and neither can the pure locking dependency
tracking know that a particular deadlock is not possible by design. It can
merily record the dependency chains and detect circular dependencies.

There is enough code which is obviously correct in terms of locking which
has lockdep annotations in one form or the other (nesting, different
lock_class_keys etc.). These annotations are there to teach lockdep about
false positives. It's pretty much the same with the cross release feature
and we won't get these annotations into the code when people disable it 

Thanks,

	tglx

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ