[PATCH 0/7]: Fix for unsafe notifier chain

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Chandra Seetharaman <sekharan@us.ibm.com>
To: akpm@osdl.org
Cc: linux-kernel@vger.kernel.org, lse-tech@lists.sourceforge.net,
	paulmck@us.ibm.com, kaos@sgi.com, greg@kroah.com,
	Douglas_Warzecha@dell.com, Abhay_Salunke@dell.com,
	achim_leubner@adaptec.com, dmp@davidmpye.dyndns.org
Subject: [PATCH 0/7]: Fix for unsafe notifier chain
Date: Wed, 23 Nov 2005 15:37:51 -0800	[thread overview]
Message-ID: <1132789071.9460.16.camel@linuxchandra> (raw)

Andrew,

I posted this set of patch to lkml last Friday as an RFC. Can you
consider these for -mm inclusion.

These patches apply on 2.6.15-rc2.

Thanks,

chandra

Here are the details:
In 2.6.14, notifier chains are unsafe. notifier_call_chain() walks through
the list of a call chain without any protection.

Alan Stern <stern@rowland.harvard.edu> brought the issue and suggested a fix
in lkml on Oct 24 2005:
	http://marc.theaimsgroup.com/?l=linux-kernel&m=113018709002036&w=2

There was a lot of discussion on that thread regarding the issue, and
following were the conclusions about the requirements of the notifier
call mechanism:

	- The chain list has to be protected in all the places where the
	  list is accessed.
	- We need a new notifier_head data structure to encompass the head 
	  of the notifier chain and a semaphore that protects the list.
	- There should be two types of call chains: one that is called in 
	  a process context and another that is called in atomic/interrupt
	  context.
	- No lock should be acquired in notifier_call_chain() for an
	  atomic-type chain.
	- notifier_chain_register() and notifier_chain_unregister() should
	  be called only from process context.
	- notifier_chain_unregister() should _not_ be called from a
	  callout routine.

I posted an RFC that meets the above listed requirements last Friday:
	- http://marc.theaimsgroup.com/?l=linux-kernel&m=113175279131346&w=2
	
Paul McKenney provided some suggestions w.r.t RCU usage. This patchset fixes
the issues he raised.  Keith Owens posted some changes to the diechain for
various architectures; his changes are included here.

This is posted as an RFC as we want to get a green signal from the owners of
the files that our classification of chains as ATOMIC or BLOCKING is ok.
Please comment.

This patchset has 7 patches:

1 of 7: Changes the definition of the heads. Same as what was posted last
	Friday with changes w.r.t Paul's comments.
2 of 7:	Changes that affected only the notifier_head definition.
3 of 7: Changes in which we removed some protection (it's no longer needed
	as the basic infrastructure itself provides the protection).
4 of 7: changes for diechain for different architectures.
5 of 7: changes removing calls to notifier_unregister in the callout.
6 of 7: changes to dcdbas.c (requires special handling).
7 of 7: changes to make usb_notify to use the notify chain infrastructure
	instead of its own.

----------------------------------------

Here are the list of chains and their classification:

BLOCKING:
+++++++++
arch/powerpc/platforms/pseries/reconfig.c:	pSeries_reconfig_chain
arch/s390/kernel/process.c:		idle_chain
drivers/base/memory.c:			memory_chain
drivers/cpufreq/cpufreq.c:		cpufreq_policy_notifier_list
drivers/cpufreq/cpufreq.c:		cpufreq_transition_notifier_list
drivers/macintosh/adb.c:		adb_client_list
drivers/macintosh/via-pmu.c:		sleep_notifier_list
drivers/macintosh/via-pmu68k.c:		sleep_notifier_list
drivers/macintosh/windfarm_core.c:	wf_client_list
drivers/usb/core/notify.c:		usb_notifier_list
drivers/video/fbmem.c:			fb_notifier_list
kernel/cpu.c:				cpu_chain
kernel/module.c:			module_notify_list
kernel/profile.c:			munmap_notifier
kernel/profile.c:			task_exit_notifier
kernel/sys.c:				reboot_notifier_list
net/core/dev.c:				netdev_chain
net/decnet/dn_dev.c:			dnaddr_chain
net/ipv4/devinet.c:			inetaddr_chain

ATOMIC:
+++++++
arch/i386/kernel/traps.c:		i386die_chain
arch/ia64/kernel/traps.c:		ia64die_chain
arch/powerpc/kernel/traps.c:		powerpc_die_chain
arch/sparc64/kernel/traps.c:		sparc64die_chain
arch/x86_64/kernel/traps.c:		die_chain
drivers/char/ipmi/ipmi_si_intf.c:	xaction_notifier_list
kernel/panic.c:				panic_notifier_list
kernel/profile.c:			task_free_notifier
net/bluetooth/hci_core.c:		hci_notifier
net/ipv4/netfilter/ip_conntrack_core.c:	ip_conntrack_chain
net/ipv4/netfilter/ip_conntrack_core.c:	ip_conntrack_expect_chain
net/ipv6/addrconf.c:			inet6addr_chain
net/netfilter/nf_conntrack_core.c:	nf_conntrack_chain
nen/netfilter/nf_conntrack_core.c:	nf_conntrack_expect_chain
net/netlink/af_netlink.c:		netlink_chain


-- 

----------------------------------------------------------------------
    Chandra Seetharaman               | Be careful what you choose....
              - sekharan@us.ibm.com   |      .......you may get it.
----------------------------------------------------------------------

next             reply	other threads:[~2005-11-23 23:37 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-11-23 23:37 Chandra Seetharaman [this message]
2005-11-27  4:07 ` [PATCH 0/7]: Fix for unsafe notifier chain Andrew Morton
2005-11-27 13:47   ` [Lse-tech] " Andi Kleen
2005-11-27 15:59     ` Keith Owens
2005-11-27 17:27       ` Andi Kleen
2005-11-27 17:39         ` Keith Owens
2005-11-27 19:56           ` Andrew Morton
2005-11-27 22:03             ` Greg KH
2005-11-28  2:43               ` Paul E. McKenney
2005-11-28  4:57                 ` Andrew Morton
2005-11-28  4:59                   ` Andi Kleen
2005-11-28  5:05                     ` Paul E. McKenney
2005-11-28  5:15                       ` Andi Kleen
2005-11-28  8:31                     ` Keith Owens
2005-11-28 12:07                       ` Andi Kleen
2005-11-28 19:55                         ` Paul E. McKenney
2005-12-04 16:19                       ` Alan Cox
2005-12-06 23:38                         ` Keith Owens
2005-12-07  2:43                           ` Keith Owens
2005-11-28  1:19             ` Keith Owens
2005-11-28 18:58   ` Chandra Seetharaman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1132789071.9460.16.camel@linuxchandra \
    --to=sekharan@us.ibm.com \
    --cc=Abhay_Salunke@dell.com \
    --cc=Douglas_Warzecha@dell.com \
    --cc=achim_leubner@adaptec.com \
    --cc=akpm@osdl.org \
    --cc=dmp@davidmpye.dyndns.org \
    --cc=greg@kroah.com \
    --cc=kaos@sgi.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=lse-tech@lists.sourceforge.net \
    --cc=paulmck@us.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox