Re: [PATCH 0/2] finx argv_split() vs sysctl race

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Oleg Nesterov <oleg@redhat.com>
To: Andi Kleen <andi@firstfloor.org>
Cc: Andrew Morton <akpm@linux-foundation.org>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	Lucas De Marchi <lucas.de.marchi@gmail.com>,
	Benjamin Herrenschmidt <benh@kernel.crashing.org>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
	Paul Mackerras <paulus@samba.org>,
	david@gibson.dropbear.id.au, Kees Cook <keescook@chromium.org>,
	Serge Hallyn <serge.hallyn@canonical.com>,
	"Rafael J. Wysocki" <rjw@sisk.pl>,
	Feng Hong <hongfeng@marvell.com>,
	Lucas De Marchi <lucas.demarchi@profusion.mobi>
Subject: Re: [PATCH 0/2] finx argv_split() vs sysctl race
Date: Sat, 16 Mar 2013 21:45:39 +0100	[thread overview]
Message-ID: <20130316204539.GA19462@redhat.com> (raw)
In-Reply-To: <20130316203221.GT11268@two.firstfloor.org>

On 03/16, Andi Kleen wrote:
>
> On Sat, Mar 16, 2013 at 09:23:27PM +0100, Oleg Nesterov wrote:
> > On 03/15, Oleg Nesterov wrote:
> > >
> > > To remind, say, argv_split(poweroff_cmd) can race with sysctl changing this
> > > string, in this case it can write to the memory after argv[] array. We can
> > > fix this, or we can rewrite argv_split/free:
> >
> > OK, please see 1/2.
> >
> > And this reminds me about set_task_comm() which pretends it does something
> > meaningful for the reader of the mutable ->comm, see the offtopic 2/2.
>
> I had "rcu strings" to handle the sysctl string race problem in a
> generic way some time ago.
>
> http://lwn.net/Articles/368684/
>
> Unfortunately never made it in. Perhaps it should be revisited.

Perhaps rcu can be better, although a global rwsem looks simpler,
I dunno.

But argv_split() or its usage should be changed anyway, and GFP_KERNEL
won't work under rcu_read_lock().

To me 1/2 looks as a simplification anyway, but I won't argue if we
decide to add rcu/locking and avoid this patch.

Oleg.

next prev parent reply	other threads:[~2013-03-16 20:47 UTC|newest]

Thread overview: 29+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-03-12  3:25 Regression with orderly_poweroff() Benjamin Herrenschmidt
2013-03-12 14:46 ` Linus Torvalds
2013-03-12 17:46   ` Oleg Nesterov
2013-03-12 17:54   ` Lucas De Marchi
2013-03-12 18:22     ` Oleg Nesterov
2013-03-12 18:42       ` Linus Torvalds
2013-03-12 19:11         ` Oleg Nesterov
2013-03-12 19:20           ` Linus Torvalds
2013-03-12 20:35             ` Oleg Nesterov
2013-03-13 17:46               ` [PATCH 0/1] poweroff: change orderly_poweroff() to use schedule_work() Oleg Nesterov
2013-03-13 17:47                 ` [PATCH 1/1] " Oleg Nesterov
2013-03-14 22:28                   ` Andrew Morton
2013-03-15 16:39                     ` Oleg Nesterov
2013-03-16 20:23                       ` [PATCH 0/2] finx argv_split() vs sysctl race Oleg Nesterov
2013-03-16 20:23                         ` [PATCH 1/2] teach argv_split() to handle the mutable strings Oleg Nesterov
2013-03-18 16:03                           ` [PATCH v2 " Oleg Nesterov
2013-03-18 21:53                           ` [PATCH " Andrew Morton
2013-03-19 19:54                             ` [PATCH -mm] argv_split-teach-it-to-handle-mutable-strings-fix-2 Oleg Nesterov
2013-03-16 20:24                         ` [PATCH 2/2] set_task_comm: kill the pointless memset() + wmb() Oleg Nesterov
2013-03-16 20:32                         ` [PATCH 0/2] finx argv_split() vs sysctl race Andi Kleen
2013-03-16 20:45                           ` Oleg Nesterov [this message]
2013-03-16 20:56                             ` Andi Kleen
2013-03-16 21:23                               ` Oleg Nesterov
2013-03-16 21:54                                 ` Andi Kleen
2013-03-17 14:15                                   ` Oleg Nesterov
2013-03-18 16:03                                     ` Oleg Nesterov
2013-03-13 23:35                 ` [PATCH 0/1] poweroff: change orderly_poweroff() to use schedule_work() Lucas De Marchi
2013-03-12 20:13           ` Regression with orderly_poweroff() Andi Kleen
2013-03-12 19:28   ` Benjamin Herrenschmidt

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20130316204539.GA19462@redhat.com \
    --to=oleg@redhat.com \
    --cc=akpm@linux-foundation.org \
    --cc=andi@firstfloor.org \
    --cc=benh@kernel.crashing.org \
    --cc=david@gibson.dropbear.id.au \
    --cc=hongfeng@marvell.com \
    --cc=keescook@chromium.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=lucas.de.marchi@gmail.com \
    --cc=lucas.demarchi@profusion.mobi \
    --cc=paulus@samba.org \
    --cc=rjw@sisk.pl \
    --cc=serge.hallyn@canonical.com \
    --cc=torvalds@linux-foundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.