lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAGXu5jKiGLAcL4QG2BoAms+JaHH-4piVe--YF3X9RhXZN53Z8Q@mail.gmail.com>
Date:   Wed, 8 Nov 2017 07:21:20 -0800
From:   Kees Cook <keescook@...omium.org>
To:     Vlastimil Babka <vbabka@...e.cz>
Cc:     Andrew Morton <akpm@...ux-foundation.org>,
        Jesper Dangaard Brouer <brouer@...hat.com>,
        Dave Hansen <dave.hansen@...el.com>,
        Ying Huang <ying.huang@...el.com>,
        Michal Hocko <mhocko@...e.com>,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] mm, vmstat: Make sure mutex is a global static

On Tue, Nov 7, 2017 at 11:43 PM, Vlastimil Babka <vbabka@...e.cz> wrote:
> On 11/07/2017 10:38 PM, Kees Cook wrote:
>> The mutex in sysctl_vm_numa_stat_handler() needs to be a global static, not
>> a stack variable, otherwise it doesn't serve any purpose. Also, reading the
>> file with CONFIG_LOCKDEP=y will complain:
>
> Oops, good catch.
>
>> [   63.258593] INFO: trying to register non-static key.
>> [   63.259113] the code is fine but needs lockdep annotation.
>> [   63.259596] turning off the locking correctness validator.
>> [   63.260073] CPU: 1 PID: 4102 Comm: perl Not tainted 4.14.0-rc8-next-20171107+ #419
>> [   63.260769] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
>> [   63.261570] Call Trace:
>> [   63.261783]  dump_stack+0x5f/0x86
>> [   63.262062]  register_lock_class+0xe4/0x550
>> [   63.262408]  ? __lock_acquire+0x308/0x1170
>> [   63.262746]  __lock_acquire+0x7e/0x1170
>> [   63.263063]  lock_acquire+0x9d/0x1d0
>> [   63.263363]  ? sysctl_vm_numa_stat_handler+0x8f/0x2d0
>> [   63.263777]  ? sysctl_vm_numa_stat_handler+0x8f/0x2d0
>> [   63.264192]  __mutex_lock+0xb8/0x9a0
>> [   63.264488]  ? sysctl_vm_numa_stat_handler+0x8f/0x2d0
>> [   63.264942]  ? sysctl_vm_numa_stat_handler+0x8f/0x2d0
>> [   63.265398]  ? sysctl_vm_numa_stat_handler+0x8f/0x2d0
>> [   63.265840]  sysctl_vm_numa_stat_handler+0x8f/0x2d0
>> [   63.266270]  proc_sys_call_handler+0xe3/0x100
>> [   63.266655]  __vfs_read+0x33/0x1b0
>> [   63.266957]  vfs_read+0xa6/0x150
>> [   63.267244]  SyS_read+0x55/0xc0
>> [   63.267525]  do_syscall_64+0x56/0x140
>> [   63.267850]  entry_SYSCALL64_slow_path+0x25/0x25
>>
>> Fixes: 920d5f77d1a25 ("mm, sysctl: make NUMA stats configurable")
>
> Note that this hash is specific to particular next-$DATE as mmotm is
> reimported each day.

Ah yes, duh. :)

>
>> Cc: Jesper Dangaard Brouer <brouer@...hat.com>
>> Cc: Dave Hansen <dave.hansen@...el.com>
>> Cc: Ying Huang <ying.huang@...el.com>
>> Cc: Vlastimil Babka <vbabka@...e.cz>
>> Cc: Michal Hocko <mhocko@...e.com>
>> Signed-off-by: Kees Cook <keescook@...omium.org>
>> ---
>>  mm/vmstat.c | 3 ++-
>>  1 file changed, 2 insertions(+), 1 deletion(-)
>>
>> diff --git a/mm/vmstat.c b/mm/vmstat.c
>> index e0593434fd58..40b2db6db6b1 100644
>> --- a/mm/vmstat.c
>> +++ b/mm/vmstat.c
>> @@ -72,11 +72,12 @@ static void invalid_numa_statistics(void)
>>       zero_global_numa_counters();
>>  }
>>
>> +static DEFINE_MUTEX(vm_numa_stat_lock);
>> +
>>  int sysctl_vm_numa_stat_handler(struct ctl_table *table, int write,
>>               void __user *buffer, size_t *length, loff_t *ppos)
>>  {
>>       int ret, oldval;
>> -     DEFINE_MUTEX(vm_numa_stat_lock);
>
> Yeah it was Michal who suggested scoping the mutex here instead of
> global scope, but I think he didn't mean to remove the 'static'
> qualifier, and we both missed that in the review :(
> So the scope under sysctl_vm_numa_stat_handler() should be okay, just
> with the 'static' added.

That part is a matter of taste, I guess. :) But yes, static is important.

-Kees

-- 
Kees Cook
Pixel Security

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ