| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 21 Feb 2019 07:52:18 -0800
From: "Paul E. McKenney" <paulmck@...ux.ibm.com>
To: Peter Zijlstra <peterz@...radead.org>
Cc: Joel Fernandes <joel@...lfernandes.org>,
linux-kernel@...r.kernel.org, Alexei Starovoitov <ast@...nel.org>,
Christian Brauner <christian@...uner.io>,
Daniel Borkmann <daniel@...earbox.net>,
David Ahern <dsahern@...il.com>,
"David S. Miller" <davem@...emloft.net>,
Ido Schimmel <idosch@...lanox.com>,
Ingo Molnar <mingo@...hat.com>,
"moderated list:INTEL ETHERNET DRIVERS"
<intel-wired-lan@...ts.osuosl.org>,
Jakub Kicinski <jakub.kicinski@...ronome.com>,
Jeff Kirsher <jeffrey.t.kirsher@...el.com>,
Jesper Dangaard Brouer <hawk@...nel.org>,
John Fastabend <john.fastabend@...il.com>,
Josh Triplett <josh@...htriplett.org>, keescook@...omium.org,
Lai Jiangshan <jiangshanlai@...il.com>,
Martin KaFai Lau <kafai@...com>,
Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
netdev@...r.kernel.org, rcu@...r.kernel.org,
Song Liu <songliubraving@...com>,
Steven Rostedt <rostedt@...dmis.org>,
xdp-newbies@...r.kernel.org, Yonghong Song <yhs@...com>
Subject: Re: [PATCH RFC 3/5] sched/cpufreq: Fix incorrect RCU API usage
On Thu, Feb 21, 2019 at 04:31:17PM +0100, Peter Zijlstra wrote:
> On Thu, Feb 21, 2019 at 10:21:39AM -0500, Joel Fernandes wrote:
> > On Thu, Feb 21, 2019 at 10:18:05AM +0100, Peter Zijlstra wrote:
> > > On Thu, Feb 21, 2019 at 12:49:40AM -0500, Joel Fernandes (Google) wrote:
> > > > @@ -34,8 +34,12 @@ void cpufreq_add_update_util_hook(int cpu, struct update_util_data *data,
> > > > if (WARN_ON(!data || !func))
> > > > return;
> > > >
> > > > - if (WARN_ON(per_cpu(cpufreq_update_util_data, cpu)))
> > > > + rcu_read_lock();
> > > > + if (WARN_ON(rcu_dereference(per_cpu(cpufreq_update_util_data, cpu)))) {
> > > > + rcu_read_unlock();
> > > > return;
> > > > + }
> > > > + rcu_read_unlock();
> > > >
> > > > data->func = func;
> > > > rcu_assign_pointer(per_cpu(cpufreq_update_util_data, cpu), data);
> > >
> > > This doesn't make any kind of sense to me.
> > >
> >
> > As per the rcu_assign_pointer() line, I inferred that
> > cpufreq_update_util_data is expected to be RCU protected. Reading the pointer
> > value of RCU pointers generally needs to be done from RCU read section, and
> > using rcu_dereference() (or using rcu_access()).
> >
> > In this patch, I changed cpufreq_update_util_data to be __rcu annotated to
> > avoid the sparse error thrown by rcu_assign_pointer().
> >
> > Instead of doing that, If your intention here is RELEASE barrier, should I
> > just replace in this function:
> > rcu_assign_pointer(per_cpu(cpufreq_update_util_data, cpu), data);
> > with:
> > smp_store_release(per_cpu(cpufreq_update_util_data, cpu), data))
> > ?
> >
> > It would be nice IMO to be explicit about the intention of release/publish
> > semantics by using smp_store_release().
>
> No, it is RCU managed, it should be RCU. The problem is that the hunk
> above is utter crap.
>
> All that does is read the pointer, it never actually dereferences it.
For whatever it is worth, in that case it could use rcu_access_pointer().
And this primitive does not do the lockdep check for being within an RCU
read-side critical section. As Peter says, if there is no dereferencing,
there can be no use-after-free bug, so the RCU read-side critical is
not needed.
Good eyes, Peter! ;-)
Thanx, Paul
Powered by blists - more mailing lists