| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <201204070906.HHC13855.QOSFVOMtFFLJOH@I-love.SAKURA.ne.jp> Date: Sat, 7 Apr 2012 09:06:50 +0900 From: Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp> To: garlick@...l.gov Cc: levinsasha928@...il.com, ericvh@...il.com, oleg@...hat.com, eric.dumazet@...il.com, davem@...emloft.net, kuznet@....inr.ac.ru, jmorris@...ei.org, yoshfuji@...ux-ipv6.org, kaber@...sh.net, netdev@...r.kernel.org, linux-kernel@...r.kernel.org, davej@...hat.com Subject: Re: ipv6: tunnel: hang when destroying ipv6 tunnel Jim Garlick wrote: > > I think this loop is bad with regard to response to SIGKILL. > > If wait_event_interruptible() was interrupted by SIGKILL, it will > > spin until req->status >= REQ_STATUS_RCVD becomes true. > > Rather, > > > > if ((c->status == Connected) && (type == P9_TFLUSH)) > > err = wait_event_killable(*req->wq, > > req->status >= REQ_STATUS_RCVD); > > else > > err = wait_event_interruptible(*req->wq, > > req->status >= REQ_STATUS_RCVD); > > > > would be safer. > > Does that work? What prevents p9_client_rpc() from recursing via > p9_client_flush() on receipt of SIGKILL? Sorry, I'm not a 9p user and I can't test whether that works or not. But at least, continuing the loop even after SIGKILL is not good. If you have to wait for req->status >= REQ_STATUS_RCVD becomes true, can you use a kernel thread that waits req->status >= REQ_STATUS_RCVD to become true and delegate the job of notifying the server from a userspace task to the kernel thread? > Yes but in the unlikely event that this happens, the effect is a small > memory leak for the duration of the mount. On the other hand if the > fid is destroyed without successfully informing the server, then > subsequent operations that involve new file references will fail > when that fid number is reused, and the mount becomes unusable. I don't know whether Sasha's problem is caused by this patch or not. But p9_client_clunk() is called from many functions in fs/9p/ directory. They are assuming that p9_client_clunk() will call p9_fid_destroy() but this patch is breaking that assumption. I think this is the cause of hang which Sasha is experiencing because Sasha's trace shows that call_usermodehelper() is blocked by functions in fs/9p/ directory. Seems inconsistency state problem. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists