Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <CALCETrXFkzBvM1yBPwOTae3sUOvRfRJ9tbO35C8cfmuNov=y6w@mail.gmail.com>
Date: Sat, 25 Jun 2016 16:30:14 -0700
From: Andy Lutomirski <luto@...capital.net>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Josh Poimboeuf <jpoimboe@...hat.com>, Brian Gerst <brgerst@...il.com>, 
	Peter Zijlstra <peterz@...radead.org>, Oleg Nesterov <oleg@...hat.com>, 
	Andy Lutomirski <luto@...nel.org>, "the arch/x86 maintainers" <x86@...nel.org>, 
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, 
	"linux-arch@...r.kernel.org" <linux-arch@...r.kernel.org>, Borislav Petkov <bp@...en8.de>, 
	Nadav Amit <nadav.amit@...il.com>, Kees Cook <keescook@...omium.org>, 
	"kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>, Jann Horn <jann@...jh.net>, 
	Heiko Carstens <heiko.carstens@...ibm.com>
Subject: Re: [PATCH v3 00/13] Virtually mapped stacks with guard pages (x86, core)

On Sat, Jun 25, 2016 at 4:19 PM, Andy Lutomirski <luto@...capital.net> wrote:
> I rebased my series onto your tree and then rebased this thing onto my
> series, tweaked it some, and split it up a bit.  My version works a
> bit differently (thread_info has a single element if the new option is
> set) but is otherwise more or less your code.  It seems to work.
>
> https://git.kernel.org/cgit/linux/kernel/git/luto/linux.git/commit/?h=x86/vmap_stack&id=01ac3242f314405c1bac0f820ec3575a850509d3
> https://git.kernel.org/cgit/linux/kernel/git/luto/linux.git/commit/?h=x86/vmap_stack&id=87194cac139aebecec89a68eff719ab44f0469a2
>
> On top of *that*, I taught the kernel to free stacks in release_task
> and to cache stacks if vmalloced.  That still blows up: when
> cryptomgr_test calls do_exit during boot, do_exit calls exit_notify,
> which observes that the task state is TASK_DEAD and thus calls
> release_task on itself and goes boom.
>
> Linus, Oleg, help?  How am I supposed to quickly free the stack if the
> task goes through this code path?  In fact, why does this work on
> current kernels?  After all, can't schedule() indicates an RCU grace
> period?  In principle, what prevents delayed_put_task_struct from
> deleting the running stack before scheduling?
>
> My kludged up patch that only early-releases the stack if release_task
> is called from a different task is here:
>
> https://git.kernel.org/cgit/linux/kernel/git/luto/linux.git/commit/?h=x86/vmap_stack&id=2327ca2ab3d634d120ea185e737fef2e4e9cf012

Maybe I'm misunderstanding the role of release_task.  It looks like
there's this path in the scheduler I can borrow:

    if (unlikely(prev_state == TASK_DEAD)) {

With a kludge in place to free the stack in there and release_task and
__put_task_struct, whichever is first, I get a nice speedup.
Benchmarks coming later on.  Can I rely on that code path always being
called?

--Andy

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.