From: ebiederm@xmission.com (Eric W. Biederman)
To: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
Cc: Al Viro <viro@zeniv.linux.org.uk>,
Casey Schaufler <casey@schaufler-ca.com>,
Alexei Starovoitov <alexei.starovoitov@gmail.com>,
linux-kernel@vger.kernel.org, David Miller <davem@davemloft.net>,
Greg Kroah-Hartman <greg@kroah.com>,
Kees Cook <keescook@chromium.org>,
Andrew Morton <akpm@linux-foundation.org>,
Alexei Starovoitov <ast@kernel.org>, bpf <bpf@vger.kernel.org>,
linux-fsdevel <linux-fsdevel@vger.kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
Jakub Kicinski <kuba@kernel.org>,
Masahiro Yamada <yamada.masahiro@socionext.com>,
Gary Lin <GLin@suse.com>, Bruno Meneguele <bmeneg@redhat.com>,
LSM List <linux-security-module@vger.kernel.org>,
Luis Chamberlain <mcgrof@kernel.org>,
Linus Torvalds <torvalds@linux-foundation.org>
Subject: Re: [PATCH v2 00/15] Make the user mode driver code a better citizen
Date: Tue, 07 Jul 2020 23:46:18 -0500
Message-ID: <87o8oqipgl.fsf@x220.int.ebiederm.org> (raw)
In-Reply-To: <ec6a6e18-d7aa-3072-c8dc-b925398b8409@i-love.sakura.ne.jp> (Tetsuo Handa's message of "Sat, 4 Jul 2020 15:57:38 +0900")
Just to make certain I understand what is going on I instrumented a
kernel with some print statements.
a) The workqueues and timers start before populate_rootfs.
b) populate_rootfs does indeed happen long before the bpfilter
module is intialized.
c) What prevents populate_rootfs and the umd_load_blob from
having problems when they call flush_delayed_put is the
fact that fput_many does:
"schedule_delayed_work(&delayed_fput_work,1)".
That 1 requests a delay of at least 1 jiffy. A jiffy is between
1ms and 10ms depending on how Linux is configured.
In my test configuration running a kernel in kvm printing to a serial
console I measured 0.8ms between the fput in blob_to_mnt and
flush_delayed_fput which immediately follows it.
So unless the fput becomes incredibly slow there is nothing to worry
about in blob_to_mnt.
d) As the same mechanism is used by populate_rootfs. A but in the
mechanism applies to both.
e) No one appears to have reported a problem executing files out of
initramfs these last several years since the flush_delayed_fput was
introduced.
f) The code works for me. There is real reason to believe the code will
work for everyone else, as the exact same logic is used by initramfs.
So it should be perfectly fine for the patchset and the
usermode_driver code to go ahead as written.
h) If there is something to be fixed it is flush_delayed_fput as that is
much more important than anything in the usermode driver code.
Eric
p.s.) When I talked of restarts of the usermode driver code ealier I was
referring to the code that restarts the usermode driver if it is
killed, the next time the kernel tries to talk to it.
That could mask an -ETXTBUSY except if it happens on the first exec
the net/bfilter/bpfilter_kern.c:load_umh() will return an error.
next prev parent reply index
Thread overview: 136+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <87d066vd4y.fsf@x220.int.ebiederm.org>
[not found] ` <20200611233134.5vofl53dj5wpwp5j@ast-mbp.dhcp.thefacebook.com>
[not found] ` <87bllngirv.fsf@x220.int.ebiederm.org>
[not found] ` <CAADnVQ+qNxFjTYBpYW9ZhStMh_oJBS5C_FsxSS=0Mzy=u54MSg@mail.gmail.com>
[not found] ` <CAADnVQLuGYX=LamARhrZcze1ej4ELj-y99fLzOCgz60XLPw_cQ@mail.gmail.com>
[not found] ` <87ftaxd7ky.fsf@x220.int.ebiederm.org>
[not found] ` <20200616015552.isi6j5x732okiky4@ast-mbp.dhcp.thefacebook.com>
[not found] ` <87h7v1pskt.fsf@x220.int.ebiederm.org>
[not found] ` <20200623183520.5e7fmlt3omwa2lof@ast-mbp.dhcp.thefacebook.com>
[not found] ` <87h7v1mx4z.fsf@x220.int.ebiederm.org>
[not found] ` <20200623194023.lzl34qt2wndhcehk@ast-mbp.dhcp.thefacebook.com>
[not found] ` <b4a805e7-e009-dfdf-d011-be636ce5c4f5@i-love.sakura.ne.jp>
[not found] ` <20200624040054.x5xzkuhiw67cywzl@ast-mbp.dhcp.thefacebook.com>
[not found] ` <5254444e-465e-6dee-287b-bef58526b724@i-love.sakura.ne.jp>
[not found] ` <20200624063940.ctzhf4nnh3cjyxqi@ast-mbp.dhcp.thefacebook.com>
2020-06-24 7:05 ` [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained Tetsuo Handa
2020-06-24 15:41 ` Casey Schaufler
2020-06-24 17:54 ` Alexei Starovoitov
2020-06-24 19:48 ` Casey Schaufler
[not found] ` <878sgck6g0.fsf@x220.int.ebiederm.org>
[not found] ` <CAADnVQL8WrfV74v1ChvCKE=pQ_zo+A5EtEBB3CbD=P5ote8_MA@mail.gmail.com>
2020-06-24 23:14 ` Tetsuo Handa
2020-06-25 1:35 ` Alexei Starovoitov
2020-06-25 6:38 ` Tetsuo Handa
2020-06-25 9:57 ` Greg KH
2020-06-25 11:03 ` Tetsuo Handa
2020-06-25 12:07 ` Greg KH
2020-06-25 14:21 ` Tetsuo Handa
2020-06-25 19:34 ` David Miller
2020-06-26 1:36 ` Linus Torvalds
2020-06-26 1:51 ` Alexei Starovoitov
2020-06-26 4:58 ` Tetsuo Handa
2020-06-26 5:41 ` Alexei Starovoitov
2020-06-26 6:20 ` Tetsuo Handa
2020-06-26 6:39 ` Alexei Starovoitov
2020-06-26 12:51 ` [PATCH 00/14] Make the user mode driver code a better citizen Eric W. Biederman
2020-06-26 12:53 ` [PATCH 01/14] umh: Capture the pid in umh_pipe_setup Eric W. Biederman
2020-06-26 12:53 ` [PATCH 02/14] umh: Move setting PF_UMH into umh_pipe_setup Eric W. Biederman
2020-06-26 12:54 ` [PATCH 03/14] umh: Rename the user mode driver helpers for clarity Eric W. Biederman
2020-06-26 12:54 ` [PATCH 04/14] umh: Remove call_usermodehelper_setup_file Eric W. Biederman
2020-06-26 12:55 ` [PATCH 05/14] umh: Separate the user mode driver and the user mode helper support Eric W. Biederman
2020-06-26 16:22 ` Tetsuo Handa
2020-06-26 16:45 ` Eric W. Biederman
2020-06-27 1:26 ` Tetsuo Handa
2020-06-27 4:21 ` Eric W. Biederman
2020-06-27 4:36 ` Tetsuo Handa
2020-06-26 12:55 ` [PATCH 06/14] umd: For clarity rename umh_info umd_info Eric W. Biederman
2020-06-26 15:37 ` Kees Cook
2020-06-26 16:31 ` Eric W. Biederman
2020-06-26 12:56 ` [PATCH 07/14] umd: Rename umd_info.cmdline umd_info.driver_name Eric W. Biederman
2020-06-26 12:56 ` [PATCH 08/14] umd: Transform fork_usermode_blob into fork_usermode_driver Eric W. Biederman
2020-06-26 12:57 ` [PATCH 09/14] umh: Stop calling do_execve_file Eric W. Biederman
2020-06-26 12:57 ` [PATCH 10/14] exec: Remove do_execve_file Eric W. Biederman
2020-06-26 12:58 ` [PATCH 11/14] bpfilter: Move bpfilter_umh back into init data Eric W. Biederman
2020-06-26 12:58 ` [PATCH 12/14] umd: Track user space drivers with struct pid Eric W. Biederman
2020-06-26 12:59 ` [PATCH 13/14] bpfilter: Take advantage of the facilities of " Eric W. Biederman
2020-06-26 12:59 ` [PATCH 14/14] umd: Remove exit_umh Eric W. Biederman
2020-06-26 13:48 ` [PATCH 00/14] Make the user mode driver code a better citizen Eric W. Biederman
2020-06-29 19:55 ` [PATCH v2 00/15] " Eric W. Biederman
2020-06-29 19:56 ` [PATCH v2 01/15] umh: Capture the pid in umh_pipe_setup Eric W. Biederman
2020-06-29 19:57 ` [PATCH v2 02/15] umh: Move setting PF_UMH into umh_pipe_setup Eric W. Biederman
2020-06-29 19:57 ` [PATCH v2 03/15] umh: Rename the user mode driver helpers for clarity Eric W. Biederman
2020-06-29 19:59 ` [PATCH v2 04/15] umh: Remove call_usermodehelper_setup_file Eric W. Biederman
2020-06-29 20:00 ` [PATCH v2 05/15] umh: Separate the user mode driver and the user mode helper support Eric W. Biederman
2020-06-30 16:58 ` Linus Torvalds
2020-07-01 17:18 ` Eric W. Biederman
2020-07-01 17:42 ` Alexei Starovoitov
2020-06-29 20:01 ` [PATCH v2 06/15] umd: For clarity rename umh_info umd_info Eric W. Biederman
2020-06-29 20:02 ` [PATCH v2 07/15] umd: Rename umd_info.cmdline umd_info.driver_name Eric W. Biederman
2020-06-29 20:03 ` [PATCH v2 08/15] umd: Transform fork_usermode_blob into fork_usermode_driver Eric W. Biederman
2020-06-29 20:03 ` [PATCH v2 09/15] umh: Stop calling do_execve_file Eric W. Biederman
2020-06-29 20:04 ` [PATCH v2 10/15] exec: Remove do_execve_file Eric W. Biederman
2020-06-30 5:43 ` Christoph Hellwig
2020-06-30 12:14 ` Eric W. Biederman
2020-06-30 13:38 ` Christoph Hellwig
2020-06-30 14:28 ` Eric W. Biederman
2020-06-30 16:55 ` Alexei Starovoitov
2020-06-29 20:05 ` [PATCH v2 11/15] bpfilter: Move bpfilter_umh back into init data Eric W. Biederman
2020-06-29 20:06 ` [PATCH v2 12/15] umd: Track user space drivers with struct pid Eric W. Biederman
2020-06-29 20:06 ` [PATCH v2 13/15] bpfilter: Take advantage of the facilities of " Eric W. Biederman
2020-06-29 20:07 ` [PATCH v2 14/15] umd: Remove exit_umh Eric W. Biederman
2020-06-29 20:08 ` [PATCH v2 15/15] umd: Stop using split_argv Eric W. Biederman
2020-06-29 22:12 ` [PATCH v2 00/15] Make the user mode driver code a better citizen Alexei Starovoitov
2020-06-30 1:13 ` Eric W. Biederman
2020-06-30 6:16 ` Tetsuo Handa
2020-06-30 12:29 ` Eric W. Biederman
2020-06-30 13:21 ` Tetsuo Handa
2020-07-02 13:08 ` Eric W. Biederman
2020-07-02 13:40 ` Tetsuo Handa
2020-07-02 16:02 ` Eric W. Biederman
2020-07-03 13:19 ` Tetsuo Handa
2020-07-03 22:25 ` Eric W. Biederman
2020-07-04 6:57 ` Tetsuo Handa
2020-07-08 4:46 ` Eric W. Biederman [this message]
2020-06-30 16:52 ` Alexei Starovoitov
2020-07-01 17:12 ` Eric W. Biederman
2020-07-02 16:40 ` [PATCH v3 00/16] " Eric W. Biederman
2020-07-02 16:41 ` [PATCH v3 01/16] umh: Capture the pid in umh_pipe_setup Eric W. Biederman
2020-07-02 16:41 ` [PATCH v3 02/16] umh: Move setting PF_UMH into umh_pipe_setup Eric W. Biederman
2020-07-02 16:41 ` [PATCH v3 03/16] umh: Rename the user mode driver helpers for clarity Eric W. Biederman
2020-07-02 16:41 ` [PATCH v3 04/16] umh: Remove call_usermodehelper_setup_file Eric W. Biederman
2020-07-02 16:41 ` [PATCH v3 05/16] umh: Separate the user mode driver and the user mode helper support Eric W. Biederman
2020-07-02 16:41 ` [PATCH v3 06/16] umd: For clarity rename umh_info umd_info Eric W. Biederman
2020-07-02 16:41 ` [PATCH v3 07/16] umd: Rename umd_info.cmdline umd_info.driver_name Eric W. Biederman
2020-07-02 16:41 ` [PATCH v3 08/16] umd: Transform fork_usermode_blob into fork_usermode_driver Eric W. Biederman
2020-07-02 16:41 ` [PATCH v3 09/16] umh: Stop calling do_execve_file Eric W. Biederman
2020-07-02 16:41 ` [PATCH v3 10/16] exec: Remove do_execve_file Eric W. Biederman
2020-07-08 6:35 ` Luis Chamberlain
2020-07-08 12:41 ` Luis Chamberlain
2020-07-08 13:08 ` Eric W. Biederman
2020-07-08 13:32 ` Luis Chamberlain
2020-07-12 21:02 ` Pavel Machek
2020-07-02 16:41 ` [PATCH v3 11/16] bpfilter: Move bpfilter_umh back into init data Eric W. Biederman
2020-07-02 16:41 ` [PATCH v3 12/16] umd: Track user space drivers with struct pid Eric W. Biederman
2020-07-02 16:41 ` [PATCH v3 13/16] exit: Factor thread_group_exited out of pidfd_poll Eric W. Biederman
2020-07-03 20:30 ` Alexei Starovoitov
2020-07-03 21:37 ` Eric W. Biederman
2020-07-04 0:03 ` Alexei Starovoitov
2020-07-04 15:50 ` Christian Brauner
2020-07-07 17:09 ` Eric W. Biederman
2020-07-08 0:05 ` Daniel Borkmann
2020-07-08 3:50 ` Eric W. Biederman
2020-07-04 16:00 ` Christian Brauner
2020-07-02 16:41 ` [PATCH v3 14/16] bpfilter: Take advantage of the facilities of struct pid Eric W. Biederman
2020-07-02 16:41 ` [PATCH v3 15/16] umd: Remove exit_umh Eric W. Biederman
2020-07-02 16:41 ` [PATCH v3 16/16] umd: Stop using split_argv Eric W. Biederman
2020-07-02 23:51 ` [PATCH v3 00/16] Make the user mode driver code a better citizen Tetsuo Handa
2020-07-09 22:05 ` [merged][PATCH " Eric W. Biederman
2020-07-14 19:42 ` Alexei Starovoitov
2020-07-08 5:20 ` [PATCH v2 00/15] " Luis Chamberlain
2020-06-26 14:10 ` [PATCH 00/14] " Greg Kroah-Hartman
2020-06-26 16:40 ` Alexei Starovoitov
2020-06-26 17:17 ` Eric W. Biederman
2020-06-26 18:22 ` Alexei Starovoitov
2020-06-27 11:38 ` Tetsuo Handa
2020-06-27 12:59 ` Eric W. Biederman
2020-06-27 13:57 ` Tetsuo Handa
2020-06-28 19:44 ` Alexei Starovoitov
2020-06-29 2:20 ` Tetsuo Handa
2020-06-29 20:19 ` Eric W. Biederman
2020-06-30 6:28 ` Tetsuo Handa
2020-06-30 12:32 ` Eric W. Biederman
2020-06-30 16:48 ` Alexei Starovoitov
2020-06-30 21:54 ` Tetsuo Handa
2020-06-30 21:57 ` Alexei Starovoitov
2020-06-30 22:58 ` Tetsuo Handa
2020-06-25 12:56 ` [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained Stephen Smalley
2020-06-25 13:25 ` Greg Kroah-Hartman
2020-06-25 14:26 ` Stephen Smalley
2020-06-25 14:36 ` Stephen Smalley
2020-06-25 15:21 ` Tetsuo Handa
2020-06-25 16:03 ` Stephen Smalley
2020-06-25 16:06 ` Casey Schaufler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87o8oqipgl.fsf@x220.int.ebiederm.org \
--to=ebiederm@xmission.com \
--cc=GLin@suse.com \
--cc=akpm@linux-foundation.org \
--cc=alexei.starovoitov@gmail.com \
--cc=ast@kernel.org \
--cc=bmeneg@redhat.com \
--cc=bpf@vger.kernel.org \
--cc=casey@schaufler-ca.com \
--cc=daniel@iogearbox.net \
--cc=davem@davemloft.net \
--cc=greg@kroah.com \
--cc=keescook@chromium.org \
--cc=kuba@kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mcgrof@kernel.org \
--cc=penguin-kernel@i-love.sakura.ne.jp \
--cc=torvalds@linux-foundation.org \
--cc=viro@zeniv.linux.org.uk \
--cc=yamada.masahiro@socionext.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Linux-Security-Module Archive on lore.kernel.org
Archives are clonable:
git clone --mirror https://lore.kernel.org/linux-security-module/0 linux-security-module/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 linux-security-module linux-security-module/ https://lore.kernel.org/linux-security-module \
linux-security-module@vger.kernel.org
public-inbox-index linux-security-module
Example config snippet for mirrors
Newsgroup available over NNTP:
nntp://nntp.lore.kernel.org/org.kernel.vger.linux-security-module
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git