lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <995754de-5ec4-0a62-991e-2ea77a6bc622@os.inf.tu-dresden.de>
Date:   Fri, 11 Oct 2019 12:41:50 +0200
From:   Maksym Planeta <mplaneta@...inf.tu-dresden.de>
To:     Jason Gunthorpe <jgg@...pe.ca>
Cc:     Moni Shoua <monis@...lanox.com>,
        Doug Ledford <dledford@...hat.com>, linux-rdma@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH 10/10] Replace tasklets with workqueues

Hi,

this is a kind reminder regarding the patchset. I added description of 
races in the original email.

On 30/07/2019 21:20, Maksym Planeta wrote:
> 
> 
> On 25/07/2019 20:50, Jason Gunthorpe wrote:
>> On Thu, Jul 25, 2019 at 04:36:20PM +0200, Maksym Planeta wrote:
>>> Is this one better?
>>>
>>> Replace tasklets with workqueues in rxe driver. The reason for this
>>> replacement is that tasklets are supposed to run atomically, although 
>>> the
>>> actual code may block.
>>>
>>> Modify the SKB destructor for outgoing SKB's to schedule QP tasks 
>>> only if
>>> the QP is not destroyed itself.
>>>
>>> Add a variable "pending_skb_down" to ensure that reference counting 
>>> for a QP
>>> is decremented only when QP access related to this skb is over.
>>>
>>> Separate part of pool element cleanup code to allow this code to be 
>>> called
>>> in the very end of cleanup, even if some of cleanup is scheduled for
>>> asynchronous execution. Example, when it was happening is destructor 
>>> for a
>>> QP.
>>>
>>> Disallow calling of task functions "directly". This allows to 
>>> simplify logic
>>> inside rxe_task.c
>>>
>>> Schedule rxe_qp_do_cleanup onto high-priority system workqueue, 
>>> because this
>>> function can be scheduled from normal system workqueue.
>>>
>>> Before destroying a QP, wait until all references to this QP are gone.
>>> Previously the problem was that outgoing SKBs could be freed after 
>>> the QP
>>> these SKBs refer to is destroyed.
>>>
>>> Add blocking rxe_run_task to replace __rxe_do_task that was calling task
>>> function directly.
>>
>> Mostly but it would also be good to describe the use after free and
>> races more specifically
>>
> 
> These situations are described in the cover letter (PATCH 00/10). Do you 
> need a more detailed description than that?
> 
>> Jason
>>
> 

-- 
Regards,
Maksym Planeta

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ