| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 20 Apr 2020 17:55:30 -0700
From: Michel Lespinasse <walken@...gle.com>
To: Matthew Wilcox <willy@...radead.org>
Cc: Daniel Jordan <daniel.m.jordan@...cle.com>,
Andrew Morton <akpm@...ux-foundation.org>,
linux-mm <linux-mm@...ck.org>,
LKML <linux-kernel@...r.kernel.org>,
Peter Zijlstra <peterz@...radead.org>,
Laurent Dufour <ldufour@...ux.ibm.com>,
Vlastimil Babka <vbabka@...e.cz>,
Liam Howlett <Liam.Howlett@...cle.com>,
Jerome Glisse <jglisse@...hat.com>,
Davidlohr Bueso <dave@...olabs.net>,
David Rientjes <rientjes@...gle.com>,
Hugh Dickins <hughd@...gle.com>, Ying Han <yinghan@...gle.com>,
Jason Gunthorpe <jgg@...pe.ca>
Subject: Re: [PATCH v4 07/10] mmap locking API: add mmap_read_trylock_non_owner()
On Mon, Apr 20, 2020 at 12:23 PM Matthew Wilcox <willy@...radead.org> wrote:
> On Mon, Apr 20, 2020 at 02:22:11PM -0400, Daniel Jordan wrote:
> > On Tue, Apr 14, 2020 at 05:43:50PM -0700, Michel Lespinasse wrote:
> > > diff --git a/kernel/bpf/stackmap.c b/kernel/bpf/stackmap.c
> > > index 11d41f0c7005..998968659892 100644
> > > --- a/kernel/bpf/stackmap.c
> > > +++ b/kernel/bpf/stackmap.c
> > > @@ -317,7 +316,7 @@ static void stack_map_get_build_id_offset(struct bpf_stack_build_id *id_offs,
> > > * with build_id.
> > > */
> > > if (!user || !current || !current->mm || irq_work_busy ||
> > > - mmap_read_trylock(current->mm) == 0) {
> > > + !mmap_read_trylock_non_owner(current->mm)) {
> > > /* cannot access current->mm, fall back to ips */
> > > for (i = 0; i < trace_nr; i++) {
> > > id_offs[i].status = BPF_STACK_BUILD_ID_IP;
> > > @@ -342,16 +341,10 @@ static void stack_map_get_build_id_offset(struct bpf_stack_build_id *id_offs,
> > > }
> > >
> > > if (!work) {
> > > - mmap_read_unlock(current->mm);
> > > + mmap_read_unlock_non_owner(current->mm);
> >
> > These 'non_owner' calls are not intuitive because current _is the owner, so the
> > v3 version seems better, even if it adds a special wrapper for rwsem_release.
> >
> > Though it makes some sense if you think, "we're consistently using the
> > non_owner APIs because there's a legitimate use somewhere else," so I'm fine
> > either way.
>
> I'm not really a big fan of v3 nor v4. What I'd like to see is a
> 'transfer of ownership' API. This could be to a different task, IRQ work,
> RCU, softirq, timer, ...
>
> That would let us track locking dependencies across complex flows, eg this
> wouldn't be warned about right now:
>
> rcu_work():
> lock(C)
> kfree(B)
> unlock(A)
> unlock(C)
>
> thread 1:
> lock(A)
> call_rcu(B)
>
> thread 2:
> lock(C)
> synchronize_rcu()
> unlock(C)
>
> but if we had an API that transferred ownership of A to RCU, then we'd
> see the C->RCU->A->C cycle.
>
> This is perhaps a bit much work to require of Laurent in order to get
> this patchset merged, but something to think about.
I think fundamentally, lockdep is better suited at handling locks that
are owned by a given task. I think extending lockdep just for the bpf
stacktrace use case would be way overkill ?
But yes, I agree that declining ownership as we do here leaves us open
to having lock dependency issues that lockdep won't diagnose.
--
Michel "Walken" Lespinasse
A program is never fully debugged until the last user dies.
Powered by blists - more mailing lists