lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <tencent_9920B633D50E9B80D3A41A723BCE06972309@qq.com>
Date:   Mon, 11 Apr 2022 22:20:45 +0800
From:   "zhangfei.gao@...mail.com" <zhangfei.gao@...mail.com>
To:     Dave Hansen <dave.hansen@...el.com>,
        Joerg Roedel <joro@...tes.org>,
        Fenghua Yu <fenghua.yu@...el.com>,
        jean-philippe <jean-philippe@...aro.org>
Cc:     Ravi V Shankar <ravi.v.shankar@...el.com>,
        Tony Luck <tony.luck@...el.com>,
        Ashok Raj <ashok.raj@...el.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        x86 <x86@...nel.org>,
        linux-kernel <linux-kernel@...r.kernel.org>,
        iommu <iommu@...ts.linux-foundation.org>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        Andy Lutomirski <luto@...nel.org>,
        Josh Poimboeuf <jpoimboe@...hat.com>,
        Thomas Gleixner <tglx@...utronix.de>
Subject: Re: [PATCH v4 05/11] iommu/sva: Assign a PASID to mm on PASID
 allocation and free it on mm exit



On 2022/4/11 下午10:10, Dave Hansen wrote:
> On 4/11/22 07:00, Zhangfei Gao wrote:
>> with this patchset, each time after  sbin/nginx, ioasid is freed
>> immediately. lynx test will alloc the same ioasid=1.
> That doesn't seem right.  Isn't 'sbin/nginx' still running when lynx
> runs?  How can they get the same ioasid?
Yes, sbin/nginx is still running,
root        3228  0.0  0.0  31316 13476 ?        Ssl  12:50   0:00 
nginx: master process sbin/nginx
nobody      3230  0.0  0.0  32296 16456 ?        Sl   12:50   0:00 
nginx: worker process

Since ioasid is freed, so lynx can get the same ioasid.
>
> This sounds like a refcounting problem, like that the ioasid wasn't
> properly refcounted as nginx forked into the background.
Yes, in checking, thanks
and this patchset removed the old refcount.
>
>> To verify, hack comment mm_pasid_drop in __mmput will make the issue
>> disappear.
>>
>> log: after sbin/nginx.
>> [   96.526730] Call trace:
>> [   96.526732]  dump_backtrace+0xe4/0xf0
>> [   96.526741]  show_stack+0x20/0x70
>> [   96.526744]  dump_stack_lvl+0x8c/0xb8
>> [   96.526751]  dump_stack+0x18/0x34
>> [   96.526754]  ioasid_free+0xdc/0xfc
>> [   96.526757]  mmput+0x138/0x160
>> [   96.526760]  do_exit+0x284/0x9d0
>> [   96.526765]  do_group_exit+0x3c/0xa8
>> [   96.526767]  __wake_up_parent+0x0/0x38
>> [   96.526770]  invoke_syscall+0x4c/0x110
>> [   96.526775]  el0_svc_common.constprop.0+0x68/0x128
>> [   96.526778]  do_el0_svc+0x2c/0x90
>> [   96.526781]  el0_svc+0x30/0x98
>> [   96.526783]  el0t_64_sync_handler+0xb0/0xb8
>> [   96.526785]  el0t_64_sync+0x18c/0x190
> Is there nothing before this call trace?  Usually there will be at least
> some warning text.
I added dump_stack() in ioasid_free.

Thanks

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ