From: Andi Kleen <andi@firstfloor.org>
To: Oleg Nesterov <oleg@redhat.com>
Cc: Andi Kleen <andi@firstfloor.org>,
Andrew Morton <akpm@linux-foundation.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Lucas De Marchi <lucas.de.marchi@gmail.com>,
Benjamin Herrenschmidt <benh@kernel.crashing.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Paul Mackerras <paulus@samba.org>,
david@gibson.dropbear.id.au, Kees Cook <keescook@chromium.org>,
Serge Hallyn <serge.hallyn@canonical.com>,
"Rafael J. Wysocki" <rjw@sisk.pl>,
Feng Hong <hongfeng@marvell.com>,
Lucas De Marchi <lucas.demarchi@profusion.mobi>
Subject: Re: [PATCH 0/2] finx argv_split() vs sysctl race
Date: Sat, 16 Mar 2013 22:54:40 +0100 [thread overview]
Message-ID: <20130316215440.GV11268@two.firstfloor.org> (raw)
In-Reply-To: <20130316212351.GA21190@redhat.com>
On Sat, Mar 16, 2013 at 10:23:51PM +0100, Oleg Nesterov wrote:
> On 03/16, Andi Kleen wrote:
> >
> > > Perhaps rcu can be better, although a global rwsem looks simpler,
> > > I dunno.
> >
> > It's a general problem with lots of sysctls.
> > >
> > > But argv_split() or its usage should be changed anyway, and GFP_KERNEL
> > > won't work under rcu_read_lock().
> >
> > rcu strings has a helper function to copy the string for sleepy cases.
>
> Then you need to pre-allocate, take rcu_read_lock(), copy, and check
> that it actually fits the pre-allocated buffer. Not sure why the simple
> rwsem is worse.
The reason I did it originally like that was that some of the sysctls weren't
as "slow path" as power off. And for anything that is even moderately
often used a global lock is going to hurt eventually. The "read" in the
sem also doesn't help because it's still a hot cache line.
I agree if it the goal was only to fix poweroff RCU is somewhat
overkill and a global lock would be fine.
> But I won't argue in any case
>
> > > To me 1/2 looks as a simplification anyway, but I won't argue if we
> > > decide to add rcu/locking and avoid this patch.
> >
> > Ok I'll revisit.
>
> OK, but do you agree with 1/2?
It doesn't solve the race alone because when the 0 byte can move it's
not safe to run kstrndup() in parallel. Ok given the n and that it
force terminates it could only lead to some junk at the end.
But it seems like a useful small optimization, although I don't know
if it's used in any non slow paths.
I assume you audited all callers that they comprehend that they need
to free differently now.
-Andi
next prev parent reply other threads:[~2013-03-16 21:54 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-03-12 3:25 Regression with orderly_poweroff() Benjamin Herrenschmidt
2013-03-12 14:46 ` Linus Torvalds
2013-03-12 17:46 ` Oleg Nesterov
2013-03-12 17:54 ` Lucas De Marchi
2013-03-12 18:22 ` Oleg Nesterov
2013-03-12 18:42 ` Linus Torvalds
2013-03-12 19:11 ` Oleg Nesterov
2013-03-12 19:20 ` Linus Torvalds
2013-03-12 20:35 ` Oleg Nesterov
2013-03-13 17:46 ` [PATCH 0/1] poweroff: change orderly_poweroff() to use schedule_work() Oleg Nesterov
2013-03-13 17:47 ` [PATCH 1/1] " Oleg Nesterov
2013-03-14 22:28 ` Andrew Morton
2013-03-15 16:39 ` Oleg Nesterov
2013-03-16 20:23 ` [PATCH 0/2] finx argv_split() vs sysctl race Oleg Nesterov
2013-03-16 20:23 ` [PATCH 1/2] teach argv_split() to handle the mutable strings Oleg Nesterov
2013-03-18 16:03 ` [PATCH v2 " Oleg Nesterov
2013-03-18 21:53 ` [PATCH " Andrew Morton
2013-03-19 19:54 ` [PATCH -mm] argv_split-teach-it-to-handle-mutable-strings-fix-2 Oleg Nesterov
2013-03-16 20:24 ` [PATCH 2/2] set_task_comm: kill the pointless memset() + wmb() Oleg Nesterov
2013-03-16 20:32 ` [PATCH 0/2] finx argv_split() vs sysctl race Andi Kleen
2013-03-16 20:45 ` Oleg Nesterov
2013-03-16 20:56 ` Andi Kleen
2013-03-16 21:23 ` Oleg Nesterov
2013-03-16 21:54 ` Andi Kleen [this message]
2013-03-17 14:15 ` Oleg Nesterov
2013-03-18 16:03 ` Oleg Nesterov
2013-03-13 23:35 ` [PATCH 0/1] poweroff: change orderly_poweroff() to use schedule_work() Lucas De Marchi
2013-03-12 20:13 ` Regression with orderly_poweroff() Andi Kleen
2013-03-12 19:28 ` Benjamin Herrenschmidt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130316215440.GV11268@two.firstfloor.org \
--to=andi@firstfloor.org \
--cc=akpm@linux-foundation.org \
--cc=benh@kernel.crashing.org \
--cc=david@gibson.dropbear.id.au \
--cc=hongfeng@marvell.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lucas.de.marchi@gmail.com \
--cc=lucas.demarchi@profusion.mobi \
--cc=oleg@redhat.com \
--cc=paulus@samba.org \
--cc=rjw@sisk.pl \
--cc=serge.hallyn@canonical.com \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox