lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 25 Jul 2019 15:50:06 -0300
From:   Jason Gunthorpe <jgg@...pe.ca>
To:     Maksym Planeta <mplaneta@...inf.tu-dresden.de>
Cc:     Moni Shoua <monis@...lanox.com>,
        Doug Ledford <dledford@...hat.com>, linux-rdma@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH 10/10] Replace tasklets with workqueues

On Thu, Jul 25, 2019 at 04:36:20PM +0200, Maksym Planeta wrote:
> Is this one better?
> 
> Replace tasklets with workqueues in rxe driver. The reason for this
> replacement is that tasklets are supposed to run atomically, although the
> actual code may block.
> 
> Modify the SKB destructor for outgoing SKB's to schedule QP tasks only if
> the QP is not destroyed itself.
> 
> Add a variable "pending_skb_down" to ensure that reference counting for a QP
> is decremented only when QP access related to this skb is over.
> 
> Separate part of pool element cleanup code to allow this code to be called
> in the very end of cleanup, even if some of cleanup is scheduled for
> asynchronous execution. Example, when it was happening is destructor for a
> QP.
> 
> Disallow calling of task functions "directly". This allows to simplify logic
> inside rxe_task.c
> 
> Schedule rxe_qp_do_cleanup onto high-priority system workqueue, because this
> function can be scheduled from normal system workqueue.
> 
> Before destroying a QP, wait until all references to this QP are gone.
> Previously the problem was that outgoing SKBs could be freed after the QP
> these SKBs refer to is destroyed.
> 
> Add blocking rxe_run_task to replace __rxe_do_task that was calling task
> function directly.

Mostly but it would also be good to describe the use after free and
races more specifically

Jason

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ