lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20190423195559.GY4038@hirez.programming.kicks-ass.net>
Date:   Tue, 23 Apr 2019 21:55:59 +0200
From:   Peter Zijlstra <peterz@...radead.org>
To:     Waiman Long <longman@...hat.com>
Cc:     Linus Torvalds <torvalds@...ux-foundation.org>,
        Ingo Molnar <mingo@...hat.com>,
        Will Deacon <will.deacon@....com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Linux List Kernel Mailing <linux-kernel@...r.kernel.org>,
        the arch/x86 maintainers <x86@...nel.org>,
        Davidlohr Bueso <dave@...olabs.net>,
        Tim Chen <tim.c.chen@...ux.intel.com>,
        huang ying <huang.ying.caritas@...il.com>,
        Roman Gushchin <guro@...com>,
        Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>
Subject: [PATCH] bpf: Fix preempt_enable_no_resched() abuse

On Tue, Apr 23, 2019 at 03:41:32PM -0400, Waiman Long wrote:
> On 4/23/19 3:34 PM, Peter Zijlstra wrote:
> > On Tue, Apr 23, 2019 at 03:12:16PM -0400, Waiman Long wrote:

> >> You are right on that. However, there is a variant called
> >> preempt_enable_no_resched() that doesn't have this side effect. So I am
> >> going to use that one instead.
> > Only if the very next line is schedule(). Otherwise you're very much not
> > going to use that function.
> 
> May I know the reason why. 

Because it can 'consume' a need_resched and introduces arbitrary delays
before the schedule() eventually happens, breaking the very notion of
PREEMPT=y (and the fundamentals RT relies on).

> I saw a number of instances of
> preempt_enable_no_resched() without right next a schedule().

Look more closely.. and let me know, if true, those are bugs that need
fixing.

Argghhh.. BPF...

Also, with the recent RCU rework, we can probably drop that
rcu_read_lock()/rcu_read_unlock() from there if we're disabling
preemption anyway.

---
Subject: bpf: Fix preempt_enable_no_resched() abuse

Unless the very next line is schedule(), or implies it, one must not use
preempt_enable_no_resched(). It can cause a preemption to go missing and
thereby cause arbitrary delays, breaking the PREEMPT=y invariant.

Cc: Roman Gushchin <guro@...com>
Cc: Alexei Starovoitov <ast@...nel.org>
Cc: Daniel Borkmann <daniel@...earbox.net>
Signed-off-by: Peter Zijlstra (Intel) <peterz@...radead.org>
---

diff --git a/include/linux/bpf.h b/include/linux/bpf.h
index f02367faa58d..944ccc310201 100644
--- a/include/linux/bpf.h
+++ b/include/linux/bpf.h
@@ -510,7 +510,7 @@ int bpf_prog_array_copy(struct bpf_prog_array __rcu *old_array,
 		}					\
 _out:							\
 		rcu_read_unlock();			\
-		preempt_enable_no_resched();		\
+		preempt_enable();			\
 		_ret;					\
 	 })

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ