From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1757616AbbCPPtu (ORCPT <rfc822;w@1wt.eu>);
	Mon, 16 Mar 2015 11:49:50 -0400
Received: from e39.co.us.ibm.com ([32.97.110.160]:39224 "EHLO
	e39.co.us.ibm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1757565AbbCPPtp (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Mon, 16 Mar 2015 11:49:45 -0400
Date: Mon, 16 Mar 2015 08:49:40 -0700
From: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
To: Steven Rostedt <rostedt@goodmis.org>
Cc: Peter Zijlstra <peterz@infradead.org>,
        Mathieu Desnoyers <mathieu.desnoyers@efficios.com>,
        linux-kernel@vger.kernel.org,
        KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>,
        Nicholas Miell <nmiell@comcast.net>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Ingo Molnar <mingo@redhat.com>, Alan Cox <gnomes@lxorguk.ukuu.org.uk>,
        Lai Jiangshan <laijs@cn.fujitsu.com>,
        Stephen Hemminger <stephen@networkplumber.org>,
        Andrew Morton <akpm@linux-foundation.org>,
        Josh Triplett <josh@joshtriplett.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        David Howells <dhowells@redhat.com>, Nick Piggin <npiggin@kernel.dk>
Subject: Re: [RFC PATCH] sys_membarrier(): system/process-wide memory barrier
 (x86) (v12)
Message-ID: <20150316154940.GA32325@linux.vnet.ibm.com>
Reply-To: paulmck@linux.vnet.ibm.com
References: <1426447459-28620-1-git-send-email-mathieu.desnoyers@efficios.com>
 <20150316141939.GE21418@twins.programming.kicks-ass.net>
 <20150316102430.186f4919@gandalf.local.home>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20150316102430.186f4919@gandalf.local.home>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-TM-AS-MML: disable
X-Content-Scanned: Fidelis XPS MAILER
x-cbid: 15031615-0033-0000-0000-000003F6A16A
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Mar 16, 2015 at 10:24:30AM -0400, Steven Rostedt wrote:
> On Mon, 16 Mar 2015 15:19:39 +0100
> Peter Zijlstra <peterz@infradead.org> wrote:
> 
> > 
> > I suppose this is an unprivileged syscall; so what do we do about:
> > 
> > 	for (;;)
> > 		sys_membar(EXPEDITED);
> > 
> > Which would spray the entire system with IPIs at break neck speed.
> 
> Perhaps it should be rate limited. Have parameters (controlled via
> sysctl) that will only allow so many of these per ms. If it exceeds it,
> then the call will end up being a schedule_timeout() till it is allowed
> to continue. Thus, the above will spit out a few hundred IPIs, then
> sleep for a millisecond, and then spit out another hundred IPIs and
> sleep again.
> 
> That would prevent any DoS attacks.

But this would only qualify as a DoS if MEMBARRIER_EXPEDITED_FLAG and
!MEMBARRIER_PRIVATE_FLAG.  Otherwise, the user's process is only DoSing
itself, which is that user's problem, not anyone else's.  And it looks
like the current patch refuses to implement this DoS case, unless I am
really confused about the code in membarrier_expedited().  And in fact
membarrier_validate_flags() checks for this DoS case and returns -EINVAL.

So I do not believe that this syscall permits that type of DoS.

What am I missing here?

							Thanx, Paul