From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.9 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 757E0C352A4 for ; Thu, 13 Feb 2020 00:48:53 +0000 (UTC) Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.kernel.org (Postfix) with SMTP id C133121734 for ; Thu, 13 Feb 2020 00:48:52 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=linux-foundation.org header.i=@linux-foundation.org header.b="RRc0Xamv" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org C133121734 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linux-foundation.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=kernel-hardening-return-17809-kernel-hardening=archiver.kernel.org@lists.openwall.com Received: (qmail 9431 invoked by uid 550); 13 Feb 2020 00:48:45 -0000 Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Received: (qmail 9408 invoked from network); 13 Feb 2020 00:48:45 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=kqI0VbPVaJfcsCTXac52W5YMJCYaSOj7FaTDjIsxYoQ=; b=RRc0XamveMQXj/q8pfpDyw3+6RSQiI77zx4rXZCf1ovpx19fhSLX9IAuu7EAbdT6D5 hRgPzQzTBFhOQsMCJ5pC8fUtChqlceueXHqMOFdtZldjIC/GLh+J70scUbbfpK2vng/u uee+XaR52NHzT1hMiW+QFymxjV6nraNw8Kd1U= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=kqI0VbPVaJfcsCTXac52W5YMJCYaSOj7FaTDjIsxYoQ=; b=cqxh5KdIPDj5omGd4PPuNFhZl7WqcxcdgaLTSiqhzFLJWPbjpipODzX58Dg8ad4zUR pHG0UZDoDC84KlTojTgmKgtvWYgPwMnYZYa13B3EX4htJMKV/amcUjpbO/YU9Xr/yJz7 9gyMxzR0ozRvy8u36+POTwzZw+FvN3gS1XGlgxJvxLSlDcPQe3rUaKHHZ2iJOQjcUbE9 H1PfYZiLVZQuPfLBZe/Z1ovXFES066+N+eaiDbTYGoAGnlFXebFN+oAZMJu96WifTdG6 pxnj4V1Z+O6mXcigYQgUT1pbflwZA+Ow3iMr9xk+KIKyPlZmriTC+jxB99hN8meGDG7h 6DfA== X-Gm-Message-State: APjAAAWSLebIt5jc2EbiJ8J9/0NfSNElB42MTpJxpgaOPs+HVQTI9gsS hJ97bpCFHAJgHcKdkeyXeaTe7eFUFAM= X-Google-Smtp-Source: APXvYqxYQo5hQ14DoVJaPNIcoZ411EhrGYCMBnGW0992shS0YHOdVPiw6DFNxanaVICDy0ZMsWBvdA== X-Received: by 2002:a2e:b88d:: with SMTP id r13mr4029669ljp.66.1581554912740; Wed, 12 Feb 2020 16:48:32 -0800 (PST) X-Received: by 2002:a2e:580c:: with SMTP id m12mr9459753ljb.150.1581554910763; Wed, 12 Feb 2020 16:48:30 -0800 (PST) MIME-Version: 1.0 References: <20200210150519.538333-8-gladkov.alexey@gmail.com> <87v9odlxbr.fsf@x220.int.ebiederm.org> <20200212144921.sykucj4mekcziicz@comp-core-i7-2640m-0182e6> <87tv3vkg1a.fsf@x220.int.ebiederm.org> <87v9obipk9.fsf@x220.int.ebiederm.org> <20200212200335.GO23230@ZenIV.linux.org.uk> <20200212203833.GQ23230@ZenIV.linux.org.uk> <20200212204124.GR23230@ZenIV.linux.org.uk> <87lfp7h422.fsf@x220.int.ebiederm.org> In-Reply-To: <87lfp7h422.fsf@x220.int.ebiederm.org> From: Linus Torvalds Date: Wed, 12 Feb 2020 16:48:14 -0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances To: "Eric W. Biederman" Cc: Al Viro , LKML , Kernel Hardening , Linux API , Linux FS Devel , Linux Security Module , Akinobu Mita , Alexey Dobriyan , Andrew Morton , Andy Lutomirski , Daniel Micay , Djalal Harouni , "Dmitry V . Levin" , Greg Kroah-Hartman , Ingo Molnar , "J . Bruce Fields" , Jeff Layton , Jonathan Corbet , Kees Cook , Oleg Nesterov , Solar Designer Content-Type: text/plain; charset="UTF-8" On Wed, Feb 12, 2020 at 1:48 PM Eric W. Biederman wrote: > > The good news is proc_flush_task isn't exactly called from process exit. > proc_flush_task is called during zombie clean up. AKA release_task. Yeah, that at least avoids some of the nasty locking while dying debug problems. But the one I was more worried about was actually the lock contention issue with lots of processes. The lock is basically a single global lock in many situations - yes, it's technically per-ns, but in a lot of cases you really only have one namespace anyway. And we've had problems with global locks in this area before, notably the one you call out: > Further after proc_flush_task does it's thing the code goes > and does "write_lock_irq(&task_list_lock);" Yeah, so it's not introducing a new issue, but it is potentially making something we already know is bad even worse. > What would be downside of having a mutex for a list of proc superblocks? > A mutex that is taken for both reading and writing the list. That's what the original patch actually was, and I was hoping we could avoid that thing. An rwsem would be possibly better, since most cases by far are likely about reading. And yes, I'm very aware of the task_list_lock, but it's literally why I don't want to make a new one. I'm _hoping_ we can some day come up with something better than task_list_lock. Linus