lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 28 Mar 2022 18:17:38 +0200
From:   Sebastian Andrzej Siewior <bigeasy@...utronix.de>
To:     "Eric W. Biederman" <ebiederm@...ssion.com>
Cc:     x86@...nel.org, linux-kernel@...r.kernel.org,
        Oleg Nesterov <oleg@...hat.com>,
        "H. Peter Anvin" <hpa@...or.com>,
        Andy Lutomirski <luto@...nel.org>,
        Ben Segall <bsegall@...gle.com>,
        Borislav Petkov <bp@...en8.de>,
        Daniel Bristot de Oliveira <bristot@...hat.com>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        Dietmar Eggemann <dietmar.eggemann@....com>,
        Ingo Molnar <mingo@...hat.com>,
        Juri Lelli <juri.lelli@...hat.com>,
        Mel Gorman <mgorman@...e.de>,
        Peter Zijlstra <peterz@...radead.org>,
        Steven Rostedt <rostedt@...dmis.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Vincent Guittot <vincent.guittot@...aro.org>
Subject: Re: [PATCH] signal/x86: Delay calling signals in atomic

On 2022-03-28 09:25:06 [-0500], Eric W. Biederman wrote:
> Sebastian Andrzej Siewior <bigeasy@...utronix.de> writes:
> 
> Folks I really would have appreciated being copied on a signal handling
> patch like this.

Sorry for that. For the whole ptrace/signal part is no maintainer listed
and I got the feeling that Oleg knows these bits.

> It is too late to nack, but I think this buggy patch deserved one.  Can
> we please fix PREEMPT_RT instead?

Sure.

> As far as I can tell this violates all of rules from
> implementing/maintaining the RT kernel.  Instead of coming up with new
> abstractions that makes sense and can use by everyone this introduces
> a hack only for PREEMPT_RT and a pretty horrible one at that.
>
> This talks about int3, but the code looks for in_atomic().  Which means
> that essentially every call of force_sig will take this path as they
> almost all come from exception handlers.  It is the nature of signals
> that report on faults.  An exception is raised and the kernel reports it
> to userspace with a fault signal (aka force_sig_xxx).

The int3 is invoked with disabled interrupts. There are also a few
others path which are explicit with disabled interrupts or with a
raw_spinlock_t which lead to an atomic section on PREEMPT_RT. Call
chains with spinlock_t or a rwlock_t don't lead to a atomic section on
PREEMPT_RT. Therefore I don't think this is "essentially every call of
force_sig" that is going to use that.

> Further this code is buggy.  TIF_NOTIFY_RESUME is not the correct
> flag to set to enter into exit_to_usermode_loop.  TIF_NOTIFY_RESUME is
> about that happens after signal handling.  This very much needs to be
> TIF_SIGPENDING with recalc_sigpending and friends updated to know about
> "task->force_info".
> 
> Does someone own this problem?  Can that person please fix this
> properly?

Sure. Instead setting TIF_NOTIFY_RESUME you want the code updated to use
recalc_sigpending() only. Or do you have other suggestions regarding
fixing this properly?

> I really don't think it is going to be maintainable for PREEMPT_RT to
> maintain a separate signal delivery path for faults from the rest of
> linux.

Okay.

> Eric

Sebastian

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ