lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <29ef4e43-601a-48f3-b14b-a95514df7746@arm.com>
Date: Mon, 1 Sep 2025 14:38:35 +0100
From: Christian Loehle <christian.loehle@....com>
To: tj@...nel.org, arighi@...dia.com, void@...ifault.com
Cc: linux-kernel@...r.kernel.org, sched-ext@...ts.linux.dev,
 changwoo@...lia.com, hodgesd@...a.com, mingo@...hat.com,
 peterz@...radead.org, jake@...lion.co.uk
Subject: Re: [PATCH v5 0/3] sched_ext: Harden scx_bpf_cpu_rq()

On 9/1/25 14:26, Christian Loehle wrote:
> scx_bpf_cpu_rq() currently allows accessing struct rq fields without
> holding the associated rq.
> It is being used by scx_cosmos, scx_flash, scx_lavd, scx_layered, and
> scx_tickless. Fortunately it is only ever used to fetch rq->curr.
> So provide an alternative scx_bpf_remote_curr() that doesn't expose struct rq
> and provide a hardened scx_bpf_cpu_rq_locked() by ensuring we hold the rq lock.
> Add a deprecation warning to scx_bpf_cpu_rq() that mentions the two alternatives.
> 
> This also simplifies scx code from:
> 
> rq = scx_bpf_cpu_rq(cpu);
> if (!rq)
> 	return;
> p = rq->curr
> /* ... Do something with p */
> 
> into:
> 
> p = scx_bpf_remote_curr(cpu);
> /* ... Do something with p */
> 
> v4:
> Remove cpu argument from scx_bpf_cpu_rq_locked() as SCX has a unique
> locked_rq_state anyway. (Tejun)
> Expose RCU pointer in scx_bpf_remote_curr() (Peter)
> v3:
> https://lore.kernel.org/lkml/20250805111036.130121-1-christian.loehle@arm.com/
> Don't change scx_bpf_cpu_rq() do not break BPF schedulers without the
> grace period. Just add the deprecation warning and do the hardening in
> the new scx_bpf_cpu_rq_locked(). (Andrea, Tejun, Jake)
> v2:
> https://lore.kernel.org/lkml/20250804112743.711816-1-christian.loehle@arm.com/
> - Open-code bpf_task_acquire() to avoid the forward declaration (Andrea)
> - Rename scx_bpf_task_acquire_remote_curr() to make it more explicit it
> behaves like bpf_task_acquire()
> - Dis
> v1:
> https://lore.kernel.org/lkml/20250801141741.355059-1-christian.loehle@arm.com/
> - scx_bpf_cpu_rq() now errors when a not locked rq is requested. (Andrea)
> - scx_bpf_remote_curr() calls bpf_task_acquire() which BPF user needs to
> release. (Andrea)
> 
> Christian Loehle (3):
>   sched_ext: Introduce scx_bpf_cpu_rq_locked()
>   sched_ext: Introduce scx_bpf_remote_curr()
>   sched_ext: deprecation warn for scx_bpf_cpu_rq()
> 
>  kernel/sched/ext.c                       | 40 ++++++++++++++++++++++++
>  tools/sched_ext/include/scx/common.bpf.h |  2 ++
>  2 files changed, 42 insertions(+)
> 
> --
> 2.34.1
> 

Messed up my git-send-mail here :/
Anyway either one of those v5 cover letters is the correct one.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ