lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 12 Feb 2019 09:15:13 +0000 From: Julien Thierry <julien.thierry@....com> To: Peter Zijlstra <peterz@...radead.org>, Ingo Molnar <mingo@...nel.org> Cc: linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org, mingo@...hat.com, catalin.marinas@....com, will.deacon@....com, james.morse@....com, hpa@...or.com, valentin.schneider@....com Subject: Re: [PATCH v3 3/4] uaccess: Check no rescheduling function is called in unsafe region On 11/02/2019 13:51, Peter Zijlstra wrote: > On Mon, Feb 11, 2019 at 02:45:27PM +0100, Ingo Molnar wrote: >>> diff --git a/kernel/sched/core.c b/kernel/sched/core.c >>> index a674c7db..b1bb7e9 100644 >>> --- a/kernel/sched/core.c >>> +++ b/kernel/sched/core.c >>> @@ -3289,6 +3289,14 @@ static inline void schedule_debug(struct task_struct *prev) >>> __schedule_bug(prev); >>> preempt_count_set(PREEMPT_DISABLED); >>> } >>> + >>> + if (IS_ENABLED(CONFIG_DEBUG_UACCESS_SLEEP) && >>> + unlikely(unsafe_user_region_active())) { >>> + printk(KERN_ERR "BUG: scheduling while user_access enabled: %s/%d/0x%08x\n", >>> + prev->comm, prev->pid, preempt_count()); >>> + dump_stack(); >>> + } >>> + >>> rcu_sleep_check(); >>> >>> profile_hit(SCHED_PROFILING, __builtin_return_address(0)); >>> @@ -6151,6 +6159,20 @@ void ___might_sleep(const char *file, int line, int preempt_offset) >>> EXPORT_SYMBOL(___might_sleep); >>> #endif >>> >>> +#ifdef CONFIG_DEBUG_UACCESS_SLEEP >>> +void __might_resched(const char *file, int line) >>> +{ >>> + if (!unsafe_user_region_active()) >>> + return; >> >> Could you please more clearly explain why you want/need an exception from >> the __might_resched() debug warning? So, the scenarios I'm trying to avoid are of the following flavour: if (user_access_begin(ptr, size)) { [...] // Calling a function that might call schedule() [...] user_access_end(); } The thing is, as I understand, not all function that call schedule() are annotated with might_resched(), and on the other hand, not every time we call a function that might_resched() will it call schedule(). Now with Peter's remark I think I might have been overzealous. > > In specific; how is the addition in schedule_debug() not triggering on > PREEMPT=y kernels? > > If code is preemptible, you can (get) schedule(d). If it is not > preemptible; you do not need these additional tests. > Yes that sounds right, might_resched() only potentially reschedules if in a suitable context, so best case I issue two warnings, worst case I actually be warn when the caller took care to disable preemption or interrupts before calling a might_resched(). I guess I got a bit confused with might_sleep() which is "if you call this in the wrong context I warn" whereas might_resched() is just "if you call this in preemptible context, lets resched". I guess I'll drop the might_resched() part of this patch if that sounds alright. Thanks, -- Julien Thierry
Powered by blists - more mailing lists