| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20190902073836.GO2369@hirez.programming.kicks-ass.net>
Date: Mon, 2 Sep 2019 09:38:36 +0200
From: Peter Zijlstra <peterz@...radead.org>
To: Patrick Bellasi <patrick.bellasi@....com>
Cc: linux-kernel@...r.kernel.org, linux-pm@...r.kernel.org,
linux-api@...r.kernel.org, cgroups@...r.kernel.org,
Ingo Molnar <mingo@...hat.com>, Tejun Heo <tj@...nel.org>,
"Rafael J . Wysocki" <rafael.j.wysocki@...el.com>,
Vincent Guittot <vincent.guittot@...aro.org>,
Viresh Kumar <viresh.kumar@...aro.org>,
Paul Turner <pjt@...gle.com>, Michal Koutny <mkoutny@...e.com>,
Quentin Perret <quentin.perret@....com>,
Dietmar Eggemann <dietmar.eggemann@....com>,
Morten Rasmussen <morten.rasmussen@....com>,
Juri Lelli <juri.lelli@...hat.com>,
Todd Kjos <tkjos@...gle.com>,
Joel Fernandes <joelaf@...gle.com>,
Steve Muckle <smuckle@...gle.com>,
Suren Baghdasaryan <surenb@...gle.com>,
Alessio Balsini <balsini@...roid.com>
Subject: Re: [PATCH v14 5/6] sched/core: uclamp: Update CPU's refcount on
TG's clamp changes
On Mon, Sep 02, 2019 at 07:44:40AM +0100, Patrick Bellasi wrote:
> On Fri, Aug 30, 2019 at 09:48:34 +0000, Peter Zijlstra wrote...
> > On Thu, Aug 22, 2019 at 02:28:10PM +0100, Patrick Bellasi wrote:
> >> + rq = task_rq_lock(p, &rf);
> >
> > Since modifying cgroup parameters is priv only, this should be OK I
> > suppose. Priv can already DoS the system anyway.
>
> Are you referring to the possibility to DoS the scheduler by keep
> writing cgroup attributes?
Yep.
> Because, in that case I think cgroup attributes could be written also by
> non priv users. It all depends on how they are mounted and permissions
> are set. Isn't it?
>
> Anyway, I'm not sure we can fix that here... and in principle we could
> have that DoS by setting CPUs affinities, which is user exposed.
> Isn't it?
Only for a single task; by using the cgroup thing we have that in-kernel
iteration of tasks.
The thing I worry about is bouncing rq->lock around the system; but
yeah, I suppose a normal user could achieve something similar with
enough tasks.
> >> + /*
> >> + * Setting the clamp bucket is serialized by task_rq_lock().
> >> + * If the task is not yet RUNNABLE and its task_struct is not
> >> + * affecting a valid clamp bucket, the next time it's enqueued,
> >> + * it will already see the updated clamp bucket value.
> >> + */
> >> + if (!p->uclamp[clamp_id].active)
> >> + goto done;
> >> +
> >> + uclamp_rq_dec_id(rq, p, clamp_id);
> >> + uclamp_rq_inc_id(rq, p, clamp_id);
> >> +
> >> +done:
> >
> > I'm thinking that:
> >
> > if (p->uclamp[clamp_id].active) {
> > uclamp_rq_dec_id(rq, p, clamp_id);
> > uclamp_rq_inc_id(rq, p, clamp_id);
> > }
> >
> > was too obvious? ;-)
>
> Yep, right... I think there was some more code in prev versions but I
> forgot to get rid of that "goto" pattern after some change.
OK, already fixed that.
Powered by blists - more mailing lists