lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <jhjpn5jrgv6.mognet@arm.com>
Date:   Thu, 15 Oct 2020 10:14:05 +0100
From:   Valentin Schneider <valentin.schneider@....com>
To:     Peter Zijlstra <peterz@...radead.org>
Cc:     Sebastian Andrzej Siewior <bigeasy@...utronix.de>,
        linux-kernel@...r.kernel.org, tglx@...utronix.de, mingo@...nel.org,
        qais.yousef@....com, swood@...hat.com, juri.lelli@...hat.com,
        vincent.guittot@...aro.org, dietmar.eggemann@....com,
        rostedt@...dmis.org, bsegall@...gle.com, mgorman@...e.de,
        bristot@...hat.com, vincent.donnefort@....com, tj@...nel.org
Subject: Re: [PATCH 1/2] sched: Deny self-issued __set_cpus_allowed_ptr() when migrate_disable()


On 13/10/20 15:21, Peter Zijlstra wrote:
> On Tue, Oct 13, 2020 at 04:15:08PM +0200, Sebastian Andrzej Siewior wrote:
>> On 2020-10-13 15:01:15 [+0100], Valentin Schneider wrote:
>> >   migrate_disable();
>> >   set_cpus_allowed_ptr(current, {something excluding task_cpu(current)});
>> >   affine_move_task(); <-- never returns
>> >
>> > Signed-off-by: Valentin Schneider <valentin.schneider@....com>
>> > ---
>> >  kernel/sched/core.c | 5 +++++
>> >  1 file changed, 5 insertions(+)
>> >
>> > diff --git a/kernel/sched/core.c b/kernel/sched/core.c
>> > index 4ccd1099adaa..7f4e38819de1 100644
>> > --- a/kernel/sched/core.c
>> > +++ b/kernel/sched/core.c
>> > @@ -2189,6 +2189,11 @@ static int __set_cpus_allowed_ptr(struct task_struct *p,
>> >    if (!(flags & SCA_MIGRATE_ENABLE) && cpumask_equal(&p->cpus_mask, new_mask))
>> >            goto out;
>> >
>> > +	if (p == current &&
>> > +	    is_migration_disabled(p) &&
>> > +	    !cpumask_test_cpu(task_cpu(p), new_mask))
>> > +		ret = -EBUSY;
>> > +
>>
>> This shouldn't happen, right? The function may sleep so it shouldn't be
>> entered with disabled migration. A WARN_ON might spot the bad caller.
>
> So yeah, I like detecting the case but agree with bigeasy that an
> additional WARN would make sense, lemme go add that.

Err, I've just realized that this will warn on migrate_enable() if there
are pending affinity changes, since p->migration_disabled is cleared
*after* the call to __set_cpus_allowed_ptr().

This wants:
---
diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index d503d6cb8350..e8156e3d3b4a 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -2266,7 +2266,8 @@ static int __set_cpus_allowed_ptr(struct task_struct *p,
        if (!(flags & SCA_MIGRATE_ENABLE) && cpumask_equal(&p->cpus_mask, new_mask))
                goto out;

-	if (WARN_ON_ONCE(p == current &&
+	if (WARN_ON_ONCE(!(flags & SCA_MIGRATE_ENABLE) &&
+			 p == current &&
                         is_migration_disabled(p) &&
                         !cpumask_test_cpu(task_cpu(p), new_mask)))
                ret = -EBUSY;
---

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ