lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 30 May 2022 13:27:00 +0100 From: Valentin Schneider <vschneid@...hat.com> To: Phil Auld <pauld@...hat.com> Cc: linux-kernel@...r.kernel.org, Thomas Gleixner <tglx@...utronix.de>, Peter Zijlstra <peterz@...radead.org> Subject: Re: [PATCH v2 1/2] cpuhp: make target_store() a nop when target == state On 27/05/22 09:22, Phil Auld wrote: > On Fri, May 27, 2022 at 10:38:24AM +0100 Valentin Schneider wrote: >> On 26/05/22 12:06, Phil Auld wrote: >> > writing the current state back in hotplug/target calls cpu_down() >> > which will set cpu dying even when it isn't and then nothing will >> > ever clear it. A stress test that reads values and writes them back >> > for all cpu device files in sysfs will trigger the BUG() in >> > select_fallback_rq once all cpus are marked as dying. >> > >> > kernel/cpu.c::target_store() >> > ... >> > if (st->state < target) >> > ret = cpu_up(dev->id, target); >> > else >> > ret = cpu_down(dev->id, target); >> > >> > cpu_down() -> cpu_set_state() >> > bool bringup = st->state < target; >> > ... >> > if (cpu_dying(cpu) != !bringup) >> > set_cpu_dying(cpu, !bringup); >> > >> > Fix this by letting state==target fall through in the target_store() >> > conditional. >> > >> >> To go back on my data race paranoia: writes to both cpu$x/online and >> cpu$x/hotplug/target are serialized by device_hotplug_lock, and so are the >> exported kernel hotplug functions ({add, remove}_cpu()). >> >> That's not cpu_add_remove_lock as I was looking for, but that's still all >> under one lock, so I think we're good. Sorry for that! >> > > Right. This catches it up higher so that we don't get into the code that > starts actually changing things. I wonder now in the state == target case > if we should make sure st->target == target. With the second patch it's > less likely to be needed. Thoughts? > Yeah, you could append a simple: else WARN_ON(st->state != target); > Maybe I'll include that if/when I have code to keep cpux/online in sync > with st->state and cpu_online_mask.
Powered by blists - more mailing lists