lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 5 Jul 2022 10:41:09 -0700
From:   "Paul E. McKenney" <paulmck@...nel.org>
To:     Zqiang <qiang1.zhang@...el.com>
Cc:     frederic@...nel.org, quic_neeraju@...cinc.com, rcu@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] rcu: Make tiny RCU support leak callbacks for
 debug-object errors

On Fri, Jul 01, 2022 at 10:44:04AM +0800, Zqiang wrote:
> Currently, only tree RCU support leak callbacks setting when do
> duplicate call_rcu(). this commit add leak callbacks setting when
> fo duplicate call_rcu() for tiny RCU.
> 
> Signed-off-by: Zqiang <qiang1.zhang@...el.com>

This does look plausible, thank you!

What testing have you done?

One important test for Tiny RCU is that the size of the kernel not
grow without a very good reason.  In this case, the added code should
be dead code in a production build (CONFIG_DEBUG_OBJECTS_RCU_HEAD=n),
but it is good to check.

It is of course also good to check that the messages print as expected,
which is what rcutorture.object_debug is there to help with.

							Thanx, Paul

> ---
>  v1->v2:
>  for do duplicate kvfree_call_rcu(), not set leak callbacks. 
> 
>  kernel/rcu/tiny.c | 17 ++++++++++++++++-
>  1 file changed, 16 insertions(+), 1 deletion(-)
> 
> diff --git a/kernel/rcu/tiny.c b/kernel/rcu/tiny.c
> index f0561ee16b9c..943d431b908f 100644
> --- a/kernel/rcu/tiny.c
> +++ b/kernel/rcu/tiny.c
> @@ -158,6 +158,10 @@ void synchronize_rcu(void)
>  }
>  EXPORT_SYMBOL_GPL(synchronize_rcu);
>  
> +static void tiny_rcu_leak_callback(struct rcu_head *rhp)
> +{
> +}
> +
>  /*
>   * Post an RCU callback to be invoked after the end of an RCU grace
>   * period.  But since we have but one CPU, that would be after any
> @@ -165,9 +169,20 @@ EXPORT_SYMBOL_GPL(synchronize_rcu);
>   */
>  void call_rcu(struct rcu_head *head, rcu_callback_t func)
>  {
> +	static atomic_t doublefrees;
>  	unsigned long flags;
>  
> -	debug_rcu_head_queue(head);
> +	if (debug_rcu_head_queue(head)) {
> +		if (atomic_inc_return(&doublefrees) < 4) {
> +			pr_err("%s(): Double-freed CB %p->%pS()!!!  ", __func__, head, head->func);
> +			mem_dump_obj(head);
> +		}
> +
> +		if (!__is_kvfree_rcu_offset((unsigned long)head->func))
> +			WRITE_ONCE(head->func, tiny_rcu_leak_callback);
> +		return;
> +	}
> +
>  	head->func = func;
>  	head->next = NULL;
>  
> -- 
> 2.25.1
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ