From: Tejun Heo <tj@kernel.org>
To: torvalds@linux-foundation.org, jannh@google.com,
paulmck@linux.vnet.ibm.com, bcrl@kvack.org,
viro@zeniv.linux.org.uk, kent.overstreet@gmail.com
Cc: security@kernel.org, linux-kernel@vger.kernel.org, kernel-team@fb.com
Subject: [PATCHSET] percpu_ref, RCU: Audit RCU usages in percpu_ref users
Date: Tue, 6 Mar 2018 09:26:50 -0800 [thread overview]
Message-ID: <20180306172657.3060270-1-tj@kernel.org> (raw)
Hello,
Jann Horn found that aio was depending on the internal RCU grace
periods of percpu-ref and that it's broken because aio uses regular
RCU while percpu_ref uses sched-RCU.
Depending on percpu_ref's internal grace periods isn't a good idea
because
* The RCU type might not match.
* percpu_ref's grace periods are used to switch to atomic mode. They
aren't between the last put and the invocation of the last release.
This is easy to get confused about and can lead to subtle bugs.
* percpu_ref might not have grace periods at all depending on its
current operation mode.
This patchset audits all percpu_ref users for their RCU usages,
clarifies percpu_ref documentation that the internal grace periods
must not be depended upon, and introduces rcu_work to simplify
bouncing to a workqueue after an RCU grace period.
This patchset contains the following seven patches.
0001-fs-aio-Add-explicit-RCU-grace-period-when-freeing-ki.patch
0002-fs-aio-Use-RCU-accessors-for-kioctx_table-table.patch
0003-RDMAVT-Fix-synchronization-around-percpu_ref.patch
0004-HMM-Remove-superflous-RCU-protection-around-radix-tr.patch
0005-block-Remove-superflous-rcu_read_-un-lock_sched-in-b.patch
0006-percpu_ref-Update-doc-to-dissuade-users-from-dependi.patch
0007-RCU-workqueue-Implement-rcu_work.patch
0001-0003 are fixes and tagged -stable.
0004-0005 remove (seemingly) superflous RCU read lock usages.
0006 updates the doc and 0007 introduces rcu_work.
This patchset is also available in the following git tree.
git://git.kernel.org/pub/scm/linux/kernel/git/tj/misc.git percpu_ref-rcu-audit
diffstat follows. Thanks.
block/blk-core.c | 2 -
drivers/infiniband/sw/rdmavt/mr.c | 10 ++++---
fs/aio.c | 39 ++++++++++++++++-----------
include/linux/cgroup-defs.h | 2 -
include/linux/percpu-refcount.h | 18 ++++++++----
include/linux/workqueue.h | 38 ++++++++++++++++++++++++++
kernel/cgroup/cgroup.c | 21 ++++----------
kernel/workqueue.c | 54 ++++++++++++++++++++++++++++++++++++++
lib/percpu-refcount.c | 2 +
mm/hmm.c | 12 +-------
10 files changed, 145 insertions(+), 53 deletions(-)
--
tejun
next reply other threads:[~2018-03-06 17:26 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-06 17:26 Tejun Heo [this message]
2018-03-06 17:33 ` [PATCH 1/7] fs/aio: Add explicit RCU grace period when freeing kioctx Tejun Heo
2018-03-06 17:33 ` [PATCH 2/7] fs/aio: Use RCU accessors for kioctx_table->table[] Tejun Heo
2018-03-06 17:33 ` [PATCH 3/7] RDMAVT: Fix synchronization around percpu_ref Tejun Heo
2018-03-07 15:39 ` Dennis Dalessandro
2018-03-06 17:33 ` [PATCH 4/7] HMM: Remove superflous RCU protection around radix tree lookup Tejun Heo
2018-03-06 17:33 ` Tejun Heo
2018-03-06 17:59 ` Jerome Glisse
2018-03-06 17:59 ` Jerome Glisse
2018-03-06 17:33 ` [PATCH 5/7] block: Remove superflous rcu_read_[un]lock_sched() in blk_queue_enter() Tejun Heo
2018-03-06 17:52 ` Bart Van Assche
2018-03-14 18:46 ` tj
2018-03-14 20:05 ` Bart Van Assche
2018-03-14 20:08 ` Peter Zijlstra
2018-03-14 20:14 ` Bart Van Assche
2018-03-06 17:33 ` [PATCH 6/7] percpu_ref: Update doc to dissuade users from depending on internal RCU grace periods Tejun Heo
2018-03-06 17:33 ` [PATCH 7/7] RCU, workqueue: Implement rcu_work Tejun Heo
2018-03-06 18:30 ` Linus Torvalds
2018-03-09 15:37 ` Tejun Heo
2018-03-07 2:49 ` Lai Jiangshan
2018-03-07 14:54 ` Paul E. McKenney
2018-03-07 16:23 ` Peter Zijlstra
2018-03-07 17:58 ` Paul E. McKenney
2018-03-08 0:29 ` Lai Jiangshan
2018-03-08 17:28 ` Paul E. McKenney
2018-03-09 16:21 ` Tejun Heo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180306172657.3060270-1-tj@kernel.org \
--to=tj@kernel.org \
--cc=bcrl@kvack.org \
--cc=jannh@google.com \
--cc=kent.overstreet@gmail.com \
--cc=kernel-team@fb.com \
--cc=linux-kernel@vger.kernel.org \
--cc=paulmck@linux.vnet.ibm.com \
--cc=security@kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.