| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 13 Jan 2009 18:07:51 -0800
From: Paul Menage <menage@...gle.com>
To: Li Zefan <lizf@...fujitsu.com>
Cc: Grzegorz Nosek <root@...aldomain.pl>, containers@...ts.osdl.org,
netdev@...r.kernel.org
Subject: Re: [Devel] Re: [RFC][PATCH] IP address restricting cgroup subsystem
>
> I think the only way to make hierarchy_mutex works for this issue is:
>
> @@ -2403,16 +2403,18 @@ static long cgroup_create(struct cgroup *parent, struct
> if (notify_on_release(parent))
> set_bit(CGRP_NOTIFY_ON_RELEASE, &cgrp->flags);
>
> + cgroup_lock_hierarchy(root);
> +
> for_each_subsys(root, ss) {
> struct cgroup_subsys_state *css = ss->create(ss, cgrp);
> if (IS_ERR(css)) {
> + cgroup_unlock_hierarchy(root);
> err = PTR_ERR(css);
> goto err_destroy;
> }
> init_cgroup_css(css, ss, cgrp);
> }
>
> - cgroup_lock_hierarchy(root);
> list_add(&cgrp->sibling, &cgrp->parent->children);
> cgroup_unlock_hierarchy(root);
> root->number_of_cgroups++;
>
That would be possible, but I'm not sure that extending
hierarchy_mutex across all the create calls is a good idea - it's
meant to be very lightweight.
OK, an alternative way to avoid cgroup_lock() is for the
spinlock-protected state in ipcgroup to be the address and the count
of active children.
create() does:
lock parent
css->addr = parent->addr
parent->child_count++;
unlock parent
and write does:
lock css
if (!css->child_count) {
css->addr = new_addr
} else {
report error;
}
unlock css
Paul
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists