From: Rusty Russell <rusty@rustcorp.com.au>
To: Herbert Xu <herbert@gondor.apana.org.au>,
Fengguang Wu <fengguang.wu@intel.com>, LKP <lkp@01.org>,
linux-kernel@vger.kernel.org,
Linux Crypto Mailing List <linux-crypto@vger.kernel.org>,
Amos Kong <akong@redhat.com>,
m@bues.ch, mpm@selenic.com, amit.shah@redhat.com
Subject: Re: [PATCH 2/5] hwrng: core - Fix current_rng init/cleanup race yet again
Date: Wed, 24 Dec 2014 09:56:36 +1030 [thread overview]
Message-ID: <87ppbagd77.fsf@rustcorp.com.au> (raw)
In-Reply-To: <E1Y3ICg-0007cq-Kj@gondolin.me.apana.org.au>
Herbert Xu <herbert@gondor.apana.org.au> writes:
> The kref solution is still buggy because we were only focusing
> on the register/unregister race. The same race affects the
> setting of current_rng through sysfs.
>
> This patch fixes it by using kref_get_unless_zero.
>
> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This patch scares me a little!
I'll have to pull the tree to review it properly, but the theory was
that the reference count was counting users of the rng. Now I don't
know what it's counting:
> static inline int hwrng_init(struct hwrng *rng)
> {
> + if (kref_get_unless_zero(&rng->ref))
> + goto skip_init;
> +
> if (rng->init) {
> int ret;
OK, so this skip_init branch is triggered when the rng is being
shut down as it's no longer current_rng?
> +
> + kref_init(&rng->ref);
> + reinit_completion(&rng->cleanup_done);
> +
> +skip_init:
> add_early_randomness(rng);
Then we use it to add randomness?
>
> current_quality = rng->quality ? : default_quality;
> @@ -467,6 +474,9 @@ int hwrng_register(struct hwrng *rng)
> goto out_unlock;
> }
>
> + init_completion(&rng->cleanup_done);
> + complete(&rng->cleanup_done);
> +
This code smells very bad.
Cheers,
Rusty.
WARNING: multiple messages have this Message-ID (diff)
From: Rusty Russell <rusty@rustcorp.com.au>
To: lkp@lists.01.org
Subject: Re: [PATCH 2/5] hwrng: core - Fix current_rng init/cleanup race yet again
Date: Wed, 24 Dec 2014 09:56:36 +1030 [thread overview]
Message-ID: <87ppbagd77.fsf@rustcorp.com.au> (raw)
In-Reply-To: <E1Y3ICg-0007cq-Kj@gondolin.me.apana.org.au>
[-- Attachment #1: Type: text/plain, Size: 1275 bytes --]
Herbert Xu <herbert@gondor.apana.org.au> writes:
> The kref solution is still buggy because we were only focusing
> on the register/unregister race. The same race affects the
> setting of current_rng through sysfs.
>
> This patch fixes it by using kref_get_unless_zero.
>
> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This patch scares me a little!
I'll have to pull the tree to review it properly, but the theory was
that the reference count was counting users of the rng. Now I don't
know what it's counting:
> static inline int hwrng_init(struct hwrng *rng)
> {
> + if (kref_get_unless_zero(&rng->ref))
> + goto skip_init;
> +
> if (rng->init) {
> int ret;
OK, so this skip_init branch is triggered when the rng is being
shut down as it's no longer current_rng?
> +
> + kref_init(&rng->ref);
> + reinit_completion(&rng->cleanup_done);
> +
> +skip_init:
> add_early_randomness(rng);
Then we use it to add randomness?
>
> current_quality = rng->quality ? : default_quality;
> @@ -467,6 +474,9 @@ int hwrng_register(struct hwrng *rng)
> goto out_unlock;
> }
>
> + init_completion(&rng->cleanup_done);
> + complete(&rng->cleanup_done);
> +
This code smells very bad.
Cheers,
Rusty.
next prev parent reply other threads:[~2014-12-26 0:31 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-12-23 3:09 [hwrng] WARNING: CPU: 0 PID: 1 at include/linux/kref.h:47 set_current_rng() Fengguang Wu
2014-12-23 3:09 ` Fengguang Wu
2014-12-23 5:39 ` [0/5] hwrng: Fix kref warning and underlying bugs Herbert Xu
2014-12-23 5:39 ` Herbert Xu
2014-12-23 5:40 ` [PATCH 1/5] hwrng: core - Use struct completion for cleanup_done Herbert Xu
2014-12-23 5:40 ` Herbert Xu
2014-12-23 23:19 ` Rusty Russell
2014-12-23 23:19 ` Rusty Russell
2014-12-23 5:40 ` [PATCH 2/5] hwrng: core - Fix current_rng init/cleanup race yet again Herbert Xu
2014-12-23 5:40 ` Herbert Xu
2014-12-23 23:26 ` Rusty Russell [this message]
2014-12-23 23:26 ` Rusty Russell
2014-12-26 0:52 ` Herbert Xu
2014-12-26 0:52 ` Herbert Xu
2014-12-23 5:40 ` [PATCH 3/5] hwrng: core - Do not register device opportunistically Herbert Xu
2014-12-23 5:40 ` Herbert Xu
2014-12-23 23:29 ` Rusty Russell
2014-12-23 23:29 ` Rusty Russell
2014-12-26 1:00 ` Herbert Xu
2014-12-26 1:00 ` Herbert Xu
2014-12-23 5:40 ` [PATCH 4/5] hwrng: core - Drop current rng in set_current_rng Herbert Xu
2014-12-23 5:40 ` Herbert Xu
2014-12-23 5:40 ` [PATCH 5/5] hwrng: core - Move hwrng_init call into set_current_rng Herbert Xu
2014-12-23 5:40 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87ppbagd77.fsf@rustcorp.com.au \
--to=rusty@rustcorp.com.au \
--cc=akong@redhat.com \
--cc=amit.shah@redhat.com \
--cc=fengguang.wu@intel.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lkp@01.org \
--cc=m@bues.ch \
--cc=mpm@selenic.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.