From: Eric Biggers <ebiggers3@gmail.com>
To: linux-crypto@vger.kernel.org, Herbert Xu <herbert@gondor.apana.org.au>
Cc: Tudor-Dan Ambarus <tudor.ambarus@microchip.com>,
Mat Martineau <mathew.j.martineau@linux.intel.com>,
Salvatore Benedetto <salvatore.benedetto@intel.com>,
keyrings@vger.kernel.org, linux-kernel@vger.kernel.org,
Eric Biggers <ebiggers@google.com>,
stable@vger.kernel.org
Subject: [PATCH] lib/mpi: call cond_resched() from mpi_powm() loop
Date: Tue, 07 Nov 2017 06:19:51 +0000 [thread overview]
Message-ID: <20171107061951.861-1-ebiggers3@gmail.com> (raw)
From: Eric Biggers <ebiggers@google.com>
On a non-preemptible kernel, if KEYCTL_DH_COMPUTE is called with the
largest permitted inputs (16384 bits), the kernel spends 10+ seconds
doing modular exponentiation in mpi_powm() without rescheduling. If all
threads do it, it locks up the system. Moreover, it can cause
rcu_sched-stall warnings.
Notwithstanding the insanity of doing this calculation in kernel mode
rather than in userspace, fix it by calling cond_resched() as each bit
from the exponent is processed. It's still noninterruptible, but at
least it's preemptible now.
Cc: stable@vger.kernel.org # v4.12+
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
lib/mpi/mpi-pow.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/lib/mpi/mpi-pow.c b/lib/mpi/mpi-pow.c
index e24388a863a7..f089a52dbbdb 100644
--- a/lib/mpi/mpi-pow.c
+++ b/lib/mpi/mpi-pow.c
@@ -26,6 +26,7 @@
* however I decided to publish this code under the plain GPL.
*/
+#include <linux/sched.h>
#include <linux/string.h>
#include "mpi-internal.h"
#include "longlong.h"
@@ -263,6 +264,8 @@ int mpi_powm(MPI res, MPI base, MPI exp, MPI mod)
break;
e = ep[i];
c = BITS_PER_MPI_LIMB;
+
+ cond_resched();
}
/* We shifted MOD, the modulo reduction argument, left MOD_SHIFT_CNT
--
2.15.0
WARNING: multiple messages have this Message-ID (diff)
From: Eric Biggers <ebiggers3@gmail.com>
To: linux-crypto@vger.kernel.org, Herbert Xu <herbert@gondor.apana.org.au>
Cc: Tudor-Dan Ambarus <tudor.ambarus@microchip.com>,
Mat Martineau <mathew.j.martineau@linux.intel.com>,
Salvatore Benedetto <salvatore.benedetto@intel.com>,
keyrings@vger.kernel.org, linux-kernel@vger.kernel.org,
Eric Biggers <ebiggers@google.com>,
stable@vger.kernel.org
Subject: [PATCH] lib/mpi: call cond_resched() from mpi_powm() loop
Date: Mon, 6 Nov 2017 22:19:51 -0800 [thread overview]
Message-ID: <20171107061951.861-1-ebiggers3@gmail.com> (raw)
From: Eric Biggers <ebiggers@google.com>
On a non-preemptible kernel, if KEYCTL_DH_COMPUTE is called with the
largest permitted inputs (16384 bits), the kernel spends 10+ seconds
doing modular exponentiation in mpi_powm() without rescheduling. If all
threads do it, it locks up the system. Moreover, it can cause
rcu_sched-stall warnings.
Notwithstanding the insanity of doing this calculation in kernel mode
rather than in userspace, fix it by calling cond_resched() as each bit
from the exponent is processed. It's still noninterruptible, but at
least it's preemptible now.
Cc: stable@vger.kernel.org # v4.12+
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
lib/mpi/mpi-pow.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/lib/mpi/mpi-pow.c b/lib/mpi/mpi-pow.c
index e24388a863a7..f089a52dbbdb 100644
--- a/lib/mpi/mpi-pow.c
+++ b/lib/mpi/mpi-pow.c
@@ -26,6 +26,7 @@
* however I decided to publish this code under the plain GPL.
*/
+#include <linux/sched.h>
#include <linux/string.h>
#include "mpi-internal.h"
#include "longlong.h"
@@ -263,6 +264,8 @@ int mpi_powm(MPI res, MPI base, MPI exp, MPI mod)
break;
e = ep[i];
c = BITS_PER_MPI_LIMB;
+
+ cond_resched();
}
/* We shifted MOD, the modulo reduction argument, left MOD_SHIFT_CNT
--
2.15.0
next reply other threads:[~2017-11-07 6:19 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-07 6:19 Eric Biggers [this message]
2017-11-07 6:19 ` [PATCH] lib/mpi: call cond_resched() from mpi_powm() loop Eric Biggers
2017-11-07 18:38 ` Mat Martineau
2017-11-07 18:38 ` Mat Martineau
2017-11-07 18:38 ` Mat Martineau
2017-11-07 22:03 ` Eric Biggers
2017-11-07 22:03 ` Eric Biggers
2017-11-10 11:37 ` Herbert Xu
2017-11-10 11:37 ` Herbert Xu
2017-11-10 18:41 ` Eric Biggers
2017-11-10 18:41 ` Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171107061951.861-1-ebiggers3@gmail.com \
--to=ebiggers3@gmail.com \
--cc=ebiggers@google.com \
--cc=herbert@gondor.apana.org.au \
--cc=keyrings@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mathew.j.martineau@linux.intel.com \
--cc=salvatore.benedetto@intel.com \
--cc=stable@vger.kernel.org \
--cc=tudor.ambarus@microchip.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.