| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CANn89iJjsCe+Yk6Kn8OUTqPEnSfbZv_gVhqByAYaY+pL2V36Qg@mail.gmail.com>
Date: Fri, 14 Feb 2025 18:48:54 +0100
From: Eric Dumazet <edumazet@...gle.com>
To: David Laight <david.laight.linux@...il.com>
Cc: Anna-Maria Behnsen <anna-maria@...utronix.de>, Frederic Weisbecker <frederic@...nel.org>,
Thomas Gleixner <tglx@...utronix.de>, linux-kernel <linux-kernel@...r.kernel.org>,
Benjamin Segall <bsegall@...gle.com>, Eric Dumazet <eric.dumazet@...il.com>
Subject: Re: [PATCH 2/2] posix-timers: Use RCU in posix_timer_add()
On Fri, Feb 14, 2025 at 5:59 PM David Laight
<david.laight.linux@...il.com> wrote:
>
> On Fri, 14 Feb 2025 13:59:11 +0000
> Eric Dumazet <edumazet@...gle.com> wrote:
>
> > If many posix timers are hashed in posix_timers_hashtable,
> > hash_lock can be held for long durations.
> >
> > This can be really bad in some cases as Thomas
> > explained in https://lore.kernel.org/all/87ednpyyeo.ffs@tglx/
> >
> > We can perform all searches under RCU, then acquire
> > the lock only when there is a good chance to need it,
> > and after cpu caches were populated.
> >
> > I also added a cond_resched() in the possible long loop.
> >
> > Signed-off-by: Eric Dumazet <edumazet@...gle.com>
> > ---
> > kernel/time/posix-timers.c | 12 ++++++++++++
> > 1 file changed, 12 insertions(+)
> >
> > diff --git a/kernel/time/posix-timers.c b/kernel/time/posix-timers.c
> > index 204a351a2fd3..dd2f9016d3dc 100644
> > --- a/kernel/time/posix-timers.c
> > +++ b/kernel/time/posix-timers.c
> > @@ -112,7 +112,19 @@ static int posix_timer_add(struct k_itimer *timer)
> >
> > head = &posix_timers_hashtable[hash(sig, id)];
> >
> > + rcu_read_lock();
> > + if (__posix_timers_find(head, sig, id)) {
> > + rcu_read_unlock();
> > + cond_resched();
> > + continue;
> > + }
> > + rcu_read_unlock();
> > spin_lock(&hash_lock);
> > + /*
> > + * We must perform the lookup under hash_lock protection
> > + * because another thread could have used the same id.
> > + * This is very unlikely, but possible.
> > + */
>
> If next_posix_timer_id is 64bit (so can't wrap) I think you can compare the
> (unmasked by MAX_INT) value being used with the current value.
> If the difference is small (well less than MAX_INT) I don't think you need
> the rescan.
> (Not going to help 32bit - but who cares :-)
I just noticed the rescan is racy anyway, because when the other threads add
a timer, the timer->it_signal and timer->it_id are temporarily zero.
There is a small race window.
We can set timer->it_id earlier [1], but not timer->it_signal
More work is needed :)
[1]
diff --git a/kernel/time/posix-timers.c b/kernel/time/posix-timers.c
index dd2f9016d3dc..59ff75c81cff 100644
--- a/kernel/time/posix-timers.c
+++ b/kernel/time/posix-timers.c
@@ -126,6 +126,7 @@ static int posix_timer_add(struct k_itimer *timer)
* This is very unlikely, but possible.
*/
if (!__posix_timers_find(head, sig, id)) {
+ timer->it_id = (timer_t)id;
hlist_add_head_rcu(&timer->t_hash, head);
spin_unlock(&hash_lock);
return id;
@@ -428,7 +429,6 @@ static int do_timer_create(clockid_t which_clock,
struct sigevent *event,
return new_timer_id;
}
- new_timer->it_id = (timer_t) new_timer_id;
new_timer->it_clock = which_clock;
new_timer->kclock = kc;
new_timer->it_overrun = -1LL;
Powered by blists - more mailing lists