lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250127202608.223864-2-andrealmeid@igalia.com>
Date: Mon, 27 Jan 2025 17:26:05 -0300
From: André Almeida <andrealmeid@...lia.com>
To: Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>,
	Peter Zijlstra <peterz@...radead.org>,
	Darren Hart <dvhart@...radead.org>,
	Davidlohr Bueso <dave@...olabs.net>,
	Arnd Bergmann <arnd@...db.de>,
	Florian Weimer <fweimer@...hat.com>
Cc: linux-kernel@...r.kernel.org,
	kernel-dev@...lia.com,
	Vinicius Peixoto <vpeixoto@...amp.dev>,
	André Almeida <andrealmeid@...lia.com>
Subject: [PATCH v2 1/4] futex: Drop ROBUST_LIST_LIMIT

ROBUST_LIST_LIMIT was introduced to avoid the kernel get stuck in
circular lists, stopping to handle locks after the limit. This could
cause starvation in applications that have very long lists with valid
and non repetitive elements.

Instead of having a hard limit, rewrite the next pointer list while
walking on it. In this way, if the kernel ever revisits a repetitive
element (characterizing a circular list) the loop will stop.

Signed-off-by: André Almeida <andrealmeid@...lia.com>
---
 include/uapi/linux/futex.h |  3 +--
 kernel/futex/core.c        | 13 +++++++------
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/include/uapi/linux/futex.h b/include/uapi/linux/futex.h
index d2ee625ea189..3f31f38245f9 100644
--- a/include/uapi/linux/futex.h
+++ b/include/uapi/linux/futex.h
@@ -165,8 +165,7 @@ struct robust_list_head {
 #define FUTEX_TID_MASK		0x3fffffff
 
 /*
- * This limit protects against a deliberately circular list.
- * (Not worth introducing an rlimit for it)
+ * Deprecated, do not use. There is no limit of items in a list.
  */
 #define ROBUST_LIST_LIMIT	2048
 
diff --git a/kernel/futex/core.c b/kernel/futex/core.c
index 3db8567f5a44..b1328697d7cc 100644
--- a/kernel/futex/core.c
+++ b/kernel/futex/core.c
@@ -779,7 +779,7 @@ static void exit_robust_list(struct task_struct *curr)
 {
 	struct robust_list_head __user *head = curr->robust_list;
 	struct robust_list __user *entry, *next_entry, *pending;
-	unsigned int limit = ROBUST_LIST_LIMIT, pi, pip;
+	unsigned int pi, pip;
 	unsigned int next_pi;
 	unsigned long futex_offset;
 	int rc;
@@ -820,13 +820,14 @@ static void exit_robust_list(struct task_struct *curr)
 		}
 		if (rc)
 			return;
-		entry = next_entry;
-		pi = next_pi;
+
 		/*
-		 * Avoid excessively long or circular lists:
+		 * Avoid circular lists:
 		 */
-		if (!--limit)
-			break;
+		put_user(&head->list, &entry->next);
+
+		entry = next_entry;
+		pi = next_pi;
 
 		cond_resched();
 	}
-- 
2.48.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ