From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Google-Smtp-Source: ACJfBotPogLkBbU5dQOuWhvrcE9R3QP87lfjdSkO8W76ejabBn4oOzzcwaz0/VVbXsVlCo8Yq4YP ARC-Seal: i=1; a=rsa-sha256; t=1516208094; cv=none; d=google.com; s=arc-20160816; b=tUnsk7IP/tjgw8i1GzNA5r7mX8LxMUgnpUS3d96izPU7c7uyn+uIO8wXBR4p8XGHBJ M7IxhdR1ocK+jt/fMt/W4fkKcizks4UVvd0VMfHUUpUBpJ7ggeILzZ6Ky0XV9TT11X9C exhtyJuceCwPBJpeCkW8SjL91TH0RCc7ItULurCgdGY2uTFxtiUKgCCqOP79JFKEEogu CU7GMFg+LYlaOJuVYrQ29aWuIWYfvscqMeRYqOSAwQgLK5pge0scX2wMmZhIWXbvljKR P6W0DmYero2nusbLVgErkslrJytJbstVzuiik05m640FMo5c2Gnlg0CAhSy4m2Hia+8P MQFA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=subject:mime-version:user-agent:message-id:in-reply-to:date :references:cc:to:from:arc-authentication-results; bh=0LkmklqF+CGgL6MMp/ST9tYXNxhKoSrQkjya7uKMggQ=; b=wXVlIt4c7cqApj7xGaTn6+78QtJGzNLpDMJN+mLVxdn5X3HJTN9LrP1toyUYbllFDb wircUGEWc78MaNxkDRr+9Tv23pj4x/yWaV3zE20MnGISP6qhkorue4so2ZunWupkU/v1 qbJ3YHexKrzuTX3YQLc8GPokCv/f6gNaVTmZaOFfvcTNOGOs/8SU1bipkS3AqB65VNf3 MySlG7hzCqmEXZ4fX9z1rhVv9ei1fZ0GP169os2cNczyzy4b1YB84RzW1BMHaCQsvwtL Yx2spZrsPb5LmBT3fdRf6pjiHCUkV+IPdQuwbwlZV0eYIOdVjZno/l90d51d8ngDgB43 SH3w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of ebiederm@xmission.com designates 166.70.13.231 as permitted sender) smtp.mailfrom=ebiederm@xmission.com Authentication-Results: mx.google.com; spf=pass (google.com: domain of ebiederm@xmission.com designates 166.70.13.231 as permitted sender) smtp.mailfrom=ebiederm@xmission.com From: ebiederm@xmission.com (Eric W. Biederman) To: Kirill Tkhai Cc: gregkh@linuxfoundation.org, jslaby@suse.com, oleg@redhat.com, linux-kernel@vger.kernel.org References: <151619233415.5683.18062849657787533510.stgit@localhost.localdomain> <151619279470.5683.15554197416743431023.stgit@localhost.localdomain> Date: Wed, 17 Jan 2018 10:54:00 -0600 In-Reply-To: <151619279470.5683.15554197416743431023.stgit@localhost.localdomain> (Kirill Tkhai's message of "Wed, 17 Jan 2018 15:39:54 +0300") Message-ID: <87lggwh1ef.fsf@xmission.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-XM-SPF: eid=1ebqzE-0006C7-0V;;;mid=<87lggwh1ef.fsf@xmission.com>;;;hst=in01.mta.xmission.com;;;ip=97.121.73.102;;;frm=ebiederm@xmission.com;;;spf=neutral X-XM-AID: U2FsdGVkX18XzJC4qJhau7/mmnlmeEicsl7YEZ7mpdA= X-SA-Exim-Connect-IP: 97.121.73.102 X-SA-Exim-Mail-From: ebiederm@xmission.com X-Spam-Report: * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP * 0.7 XMSubLong Long Subject * 0.0 TVD_RCVD_IP Message was received from an IP address * 0.0 T_TM2_M_HEADER_IN_MSG BODY: No description available. * 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60% * [score: 0.5000] * -0.0 DCC_CHECK_NEGATIVE Not listed in DCC * [sa06 1397; Body=1 Fuz1=1 Fuz2=1] * 0.0 T_TooManySym_02 5+ unique symbols in subject * 0.0 T_TooManySym_01 4+ unique symbols in subject * 0.0 T_TooManySym_03 6+ unique symbols in subject X-Spam-DCC: XMission; sa06 1397; Body=1 Fuz1=1 Fuz2=1 X-Spam-Combo: ;Kirill Tkhai X-Spam-Relay-Country: X-Spam-Timing: total 233 ms - load_scoreonly_sql: 0.04 (0.0%), signal_user_changed: 2.5 (1.1%), b_tie_ro: 1.85 (0.8%), parse: 0.75 (0.3%), extract_message_metadata: 10 (4.3%), get_uri_detail_list: 1.48 (0.6%), tests_pri_-1000: 4.5 (1.9%), tests_pri_-950: 1.16 (0.5%), tests_pri_-900: 0.95 (0.4%), tests_pri_-400: 20 (8.7%), check_bayes: 19 (8.3%), b_tokenize: 6 (2.7%), b_tok_get_all: 7 (2.9%), b_comp_prob: 2.1 (0.9%), b_tok_touch_all: 2.6 (1.1%), b_finish: 0.53 (0.2%), tests_pri_0: 184 (79.2%), check_dkim_signature: 0.46 (0.2%), check_dkim_adsp: 2.4 (1.0%), tests_pri_500: 5 (2.3%), poll_dns_idle: 0.13 (0.1%), rewrite_mail: 0.00 (0.0%) Subject: Re: [PATCH v2 3/3] tty: Use RCU read lock to iterate tasks and threads in __do_SAK() X-Spam-Flag: No X-SA-Exim-Version: 4.2.1 (built Thu, 05 May 2016 13:38:54 -0600) X-SA-Exim-Scanned: Yes (on in01.mta.xmission.com) X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: =?utf-8?q?1589843382995363774?= X-GMAIL-MSGID: =?utf-8?q?1589859418207154105?= X-Mailing-List: linux-kernel@vger.kernel.org List-ID: Kirill Tkhai writes: > There were made several efforts to make __do_SAK() > working in process context long ago, but it does > not solves the problem completely. Since __do_SAK() > may take tasklist_lock for a long time, the concurent > processes, waiting for write lock with interrupts > disabled (e.g., forking), get into the same situation > like __do_SAK() would have been executed in interrupt > context. I've observed several hard lockups on 3.10 > kernel running 200 containers, caused by long duration > of copy_process()->write_lock_irq() after SAK was sent > to a tty. Current mainline kernel has the same problem. > > The solution is to use RCU to iterate processes and threads. > Task list integrity is the only reason we taken tasklist_lock > before, as tty subsys primitives mostly take it for reading > also (e.g., __proc_set_tty). RCU read lock is enough for that. > This patch solves the problem and makes __do_SAK() to be > not greedy of tasklist_lock. That should prevent hard lockups > I've pointed above. __do_SAK() needs to be 100% accurate. I do not see the rcu_read_lock guaranteeing that new processes created while the process list is being iterated that happen to have a reference to the tty will be seen. So I do not believe this is the actual fix to the problem. Especially not if we intend to for SAK to remain a secure attention key that guarantees no other processes have access to the tty. Eric > Signed-off-by: Kirill Tkhai > --- > drivers/tty/tty_io.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/drivers/tty/tty_io.c b/drivers/tty/tty_io.c > index 89326cee2403..55115e65668d 100644 > --- a/drivers/tty/tty_io.c > +++ b/drivers/tty/tty_io.c > @@ -2724,7 +2724,9 @@ void __do_SAK(struct tty_struct *tty) > task_pid_nr(p), p->comm); > send_sig(SIGKILL, p, 1); > } while_each_pid_task(session, PIDTYPE_SID, p); > + read_unlock(&tasklist_lock); > > + rcu_read_lock(); > /* Now kill any processes that happen to have the tty open */ > for_each_process(p) { > if (p->signal->tty == tty) { > @@ -2754,7 +2756,7 @@ void __do_SAK(struct tty_struct *tty) > kill: > send_sig(SIGKILL, p, 1); > } > - read_unlock(&tasklist_lock); > + rcu_read_unlock(); > #endif > } >