| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 3 Jun 2019 14:44:01 +0200
From: Peter Zijlstra <peterz@...radead.org>
To: Jens Axboe <axboe@...nel.dk>
Cc: Qian Cai <cai@....pw>, akpm@...ux-foundation.org, hch@....de,
oleg@...hat.com, gkohli@...eaurora.org, mingo@...hat.com,
linux-mm@...ck.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] block: fix a crash in do_task_dead()
On Mon, Jun 03, 2019 at 02:37:05PM +0200, Peter Zijlstra wrote:
> Anyway, Oleg, do you see anything blatantly buggered with this patch?
>
> (the stats were already dodgy for rq-stats, this patch makes them dodgy
> for task-stats too)
It now also has concurrency on wakeup; but afaict that's harmless, we'll
get racing stores of p->state = TASK_RUNNING, much the same as if there
was a remote wakeup vs a wait-loop terminating early.
I suppose the tracepoint consumers might have to deal with some
artifacts there, but that's their problem.
> ---
> kernel/sched/core.c | 38 ++++++++++++++++++++++++++++++++------
> 1 file changed, 32 insertions(+), 6 deletions(-)
>
> diff --git a/kernel/sched/core.c b/kernel/sched/core.c
> index 102dfcf0a29a..474aa4c8e9d2 100644
> --- a/kernel/sched/core.c
> +++ b/kernel/sched/core.c
> @@ -1990,6 +1990,28 @@ try_to_wake_up(struct task_struct *p, unsigned int state, int wake_flags)
> unsigned long flags;
> int cpu, success = 0;
>
> + if (p == current) {
> + /*
> + * We're waking current, this means 'p->on_rq' and 'task_cpu(p)
> + * == smp_processor_id()'. Together this means we can special
> + * case the whole 'p->on_rq && ttwu_remote()' case below
> + * without taking any locks.
> + *
> + * In particular:
> + * - we rely on Program-Order guarantees for all the ordering,
> + * - we're serialized against set_special_state() by virtue of
> + * it disabling IRQs (this allows not taking ->pi_lock).
> + */
> + if (!(p->state & state))
> + goto out;
> +
> + success = 1;
> + trace_sched_waking(p);
> + p->state = TASK_RUNNING;
> + trace_sched_woken(p);
> + goto out;
> + }
> +
> /*
> * If we are going to wake up a thread waiting for CONDITION we
> * need to ensure that CONDITION=1 done by the caller can not be
> @@ -1999,7 +2021,7 @@ try_to_wake_up(struct task_struct *p, unsigned int state, int wake_flags)
> raw_spin_lock_irqsave(&p->pi_lock, flags);
> smp_mb__after_spinlock();
> if (!(p->state & state))
> - goto out;
> + goto unlock;
>
> trace_sched_waking(p);
>
> @@ -2029,7 +2051,7 @@ try_to_wake_up(struct task_struct *p, unsigned int state, int wake_flags)
> */
> smp_rmb();
> if (p->on_rq && ttwu_remote(p, wake_flags))
> - goto stat;
> + goto unlock;
>
> #ifdef CONFIG_SMP
> /*
> @@ -2089,12 +2111,16 @@ try_to_wake_up(struct task_struct *p, unsigned int state, int wake_flags)
> #endif /* CONFIG_SMP */
>
> ttwu_queue(p, cpu, wake_flags);
> -stat:
> - ttwu_stat(p, cpu, wake_flags);
> -out:
> +unlock:
> raw_spin_unlock_irqrestore(&p->pi_lock, flags);
>
> - return success;
> +out:
> + if (success) {
> + ttwu_stat(p, cpu, wake_flags);
> + return true;
> + }
> +
> + return false;
> }
>
> /**
Powered by blists - more mailing lists