lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <85fb3a90-fbf4-4925-8b53-197f3faa574d@oracle.com>
Date: Wed, 11 Sep 2024 11:20:30 -0500
From: Mike Christie <michael.christie@...cle.com>
To: "Michael S. Tsirkin" <mst@...hat.com>, Cindy Lu <lulu@...hat.com>
Cc: jasowang@...hat.com, linux-kernel@...r.kernel.org,
        virtualization@...ts.linux-foundation.org
Subject: Re: [RESEND PATCH v1 0/7]vhost: Add support of kthread API

On 9/10/24 2:41 AM, Michael S. Tsirkin wrote:
> On Mon, Sep 09, 2024 at 10:00:38AM +0800, Cindy Lu wrote:
>> In commit 6e890c5d5021 ("vhost: use vhost_tasks for worker threads"),
>> vhost removed the support for the kthread API. However, there are
>> still situations where there is a request to use kthread.
>> In this PATCH, the support of kthread is added back. Additionally,
>> a module_param is added to enforce which mode we are using, and
>> a new UAPI is introduced to allow the userspace app to set the
>> mode they want to use.
>>
>> Tested the user application with QEMU.
> 
> Cindy, the APIs do not make sense, security does not make sense,
> and you are not describing the issue and the fix.
> 
> 
> The name should reflect what this does from userspace POV, not from
> kernel API POV.  kthread and task mode is not something that any users
> have any business even to consider.
> 
> 
> To help you out, some ideas:
> 
> I think the issue is something like "vhost is now a child of the
> owner thread. While this makes sense from containerization
> POV, some old userspace is confused, as previously vhost not
> and so was allowed to steal cpu resources from outside the container."
> 
> Now, what can be done? Given we already released a secure kernel,
> I am not inclined to revert it back to be insecure by default.
> But I'm fine with a modparam to allow userspace to get insecure
> behaviour.
> 
> 
> Now, a modparam is annoying in that it affects all userspace,
> and people might be running a mix of old and new userspace.
> So if we do that, we also want a flag that will get
> safe behaviour even if unsafe one is allowed.
> 
> 
> Is this clear enough, or do I need to elaborate more?
> 
Thanks for working on this Cindy. I've been trying to implement
this in a way where we don't have to duplicate a lot of code but
have been hitting various issues. For example, I've been trying
to modify the vhost_task code so it can emulate the kthread
behavior we had before.

If people are ok with something similar as in this patchset where
we have both vhost_tasks and kthreads, then I can send something.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ