lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <c0002bca-efa0-b0b3-9c02-268c727c989c@redhat.com>
Date: Fri, 6 Sep 2024 12:59:25 +0200 (CEST)
From: Mikulas Patocka <mpatocka@...hat.com>
To: Eric Biggers <ebiggers@...nel.org>
cc: dm-devel@...ts.linux.dev, Alasdair Kergon <agk@...hat.com>, 
    Mike Snitzer <snitzer@...nel.org>, Tejun Heo <tj@...nel.org>, 
    Lai Jiangshan <jiangshanlai@...il.com>, linux-kernel@...r.kernel.org, 
    linux-mm@...ck.org, Sami Tolvanen <samitolvanen@...gle.com>
Subject: Re: [PATCH] dm verity: don't use WQ_MEM_RECLAIM



On Thu, 5 Sep 2024, Eric Biggers wrote:

> On Thu, Sep 05, 2024 at 08:21:46PM +0200, Mikulas Patocka wrote:
> > 
> > 
> > On Tue, 3 Sep 2024, Eric Biggers wrote:
> > 
> > > From: Eric Biggers <ebiggers@...gle.com>
> > > 
> > > Since dm-verity doesn't support writes, the kernel's memory reclaim code
> > > will never wait on dm-verity work.  That makes the use of WQ_MEM_RECLAIM
> > > in dm-verity unnecessary.  WQ_MEM_RECLAIM has been present from the
> > > beginning of dm-verity, but I could not find a justification for it;
> > > I suspect it was just copied from dm-crypt which does support writes.
> > > 
> > > Therefore, remove WQ_MEM_RECLAIM from dm-verity.  This eliminates the
> > > creation of an unnecessary rescuer thread per dm-verity device.
> > > 
> > > Signed-off-by: Eric Biggers <ebiggers@...gle.com>
> > 
> > Hmm. I can think about a case where you have read-only dm-verity device, 
> > on the top of that you have dm-snapshot device and on the top of that you 
> > have a writable filesystem.
> > 
> > When the filesystem needs to write data, it submits some write bios. When 
> > dm-snapshot receives these write bios, it will read from the dm-verity 
> > device and write to the snapshot's exception store device. So, dm-verity 
> > needs WQ_MEM_RECLAIM in this case.
> > 
> > Mikulas
> > 
> 
> Yes, unfortunately that sounds correct.
> 
> This means that any workqueue involved in fulfilling block device I/O,
> regardless of whether that I/O is read or write, has to use WQ_MEM_RECLAIM.
> 
> I wonder if there's any way to safely share the rescuer threads.
> 
> - Eric

When I thought about it, I think that removing WQ_MEM_RECLAIM would be 
incorrect even without snapshot and it could deadlock even with a 
read-only filesystem directly on the top of dm-verity.

There is a limited number of workqueue kernel threads in the system. If 
all the workqueue kernel threads are busy trying to read some data from a 
filesystem that is on the top of dm-verity, then the system deadlocks. 
Dm-verity would wait until one of the work items exits - and the work 
items would wait for dm-verity to return the data.

The probability that this happens is low, but theoretically it is wrong.

Mikulas

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ