lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 27 May 2020 21:05:24 +0100
From:   Al Viro <viro@...iv.linux.org.uk>
To:     KP Singh <kpsingh@...omium.org>
Cc:     open list <linux-kernel@...r.kernel.org>,
        linux-fsdevel@...r.kernel.org, bpf <bpf@...r.kernel.org>,
        Brendan Jackman <jackmanb@...omium.org>,
        Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Christoph Hellwig <hch@...radead.org>
Subject: Re: [PATCH] fs: Add an explicit might_sleep() to iput

On Wed, May 27, 2020 at 09:50:46PM +0200, KP Singh wrote:
> On Wed, May 27, 2020 at 9:09 PM Al Viro <viro@...iv.linux.org.uk> wrote:
> >
> > On Wed, May 27, 2020 at 04:17:53PM +0200, KP Singh wrote:
> > > From: KP Singh <kpsingh@...gle.com>
> > >
> > > It is currently mentioned in the comments to the function that iput
> > > might sleep when the inode is destroyed. Have it call might_sleep, as
> > > dput already does.
> > >
> > > Adding an explicity might_sleep() would help in quickly realizing that
> > > iput is called from a place where sleeping is not allowed when
> > > CONFIG_DEBUG_ATOMIC_SLEEP is enabled as noticed in the dicussion:
> >
> > You do realize that there are some cases where iput() *is* guaranteed
> > to be non-blocking, right?
> 
> Yes, but the same could be said about dput too right?

Theoretically, but note that even there dput(NULL) won't trigger that.

> Are there any callers that rely on these cases? (e.g. when the caller is
> sure that it's not dropping the last reference to the inode).

Not sure - there might be.  Try and see if it gives false positives,
but I would rather have it done in -next circa -rc1, so we could see
what falls out and withdraw that if there turn out to be some.

One thing I definitely want to avoid is a flow of BS patches of
"warning is given, therefore we must do something, this is something,
let's do it" variety.  Right now we have just under 700 callers in
the tree, most of them in individual filesystems; I'm not up to
auditing that pile on the moments notice...

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ