Date: Thu, 22 Nov 2018 10:33:19 -0500 (EST)
From: Mathieu Desnoyers
To: Florian Weimer
Cc: Rich Felker, carlos, Joseph Myers, Szabolcs Nagy, libc-alpha,
    Thomas Gleixner, Ben Maurer, Peter Zijlstra, "Paul E. McKenney",
    Boqun Feng, Will Deacon, Dave Watson, Paul Turner, linux-kernel,
    linux-api
Message-ID: <1306224240.10055.1542900799576.JavaMail.zimbra@efficios.com>
In-Reply-To: <875zwpyw81.fsf@oldenburg.str.redhat.com>
Subject: Re: [RFC PATCH v4 1/5] glibc: Perform rseq(2) registration at nptl init and thread creation
X-Mailing-List: linux-kernel@vger.kernel.org

----- On Nov 22, 2018, at 10:21 AM, Florian Weimer fweimer@redhat.com wrote:

> * Rich Felker:
>
>> On Thu, Nov 22, 2018 at 04:11:45PM +0100, Florian Weimer wrote:
>>> * Mathieu Desnoyers:
>>>
>>> > Thoughts ?
>>> >
>>> > /* Unregister rseq TLS from kernel. */
>>> > if (has_rseq && __rseq_unregister_current_thread ())
>>> >   abort();
>>> >
>>> > advise_stack_range (pd->stackblock, pd->stackblock_size, (uintptr_t) pd,
>>> >                     pd->guardsize);
>>> >
>>> > /* If the thread is detached free the TCB. */
>>> > if (IS_DETACHED (pd))
>>> >   /* Free the TCB. */
>>> >   __free_tcb (pd);
>>>
>>> Considering that we proceed to free the TCB, I really hope that all
>>> signals are blocked at this point. (I have not checked this, though.)
>>>
>>> Wouldn't this address your concern about access to the rseq area?
>>
>> I'm not familiar with glibc's logic here, but for other reasons, I
>> don't think freeing it is safe until the kernel task exit futex (set
>> via clone or set_tid_address) has fired. I would guess __free_tcb just
>> sets up for it to be reclaimable when this happens rather than
>> immediately freeing it for reuse.
>
> Right, but in case of user-supplied stacks, we actually free TLS memory
> at this point, so signals need to be blocked because the TCB is
> (partially) gone after that.

Unfortunately, disabling signals is not enough.

With rseq registered, the kernel accesses the rseq TLS area when
returning to user-space after _preemption_ of user-space, which can be
triggered at any point by an interrupt or a fault, even if signals are
blocked.

So if there are cases where the TLS memory is freed while the thread is
still running, we _need_ to explicitly unregister rseq beforehand.

Thanks,

Mathieu

-- 
Mathieu Desnoyers
EfficiOS Inc.
http://www.efficios.com
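The ordering argued for in the message above, as an added example that is not part of the original message or of the glibc patch: a thread registers a heap-allocated rseq area, observes that the kernel has written to it, and unregisters it before the memory is freed. The names `sys_rseq`, `rseq_area_lifecycle` and `DEMO_RSEQ_SIG` are hypothetical, and the signature value is constructed for this demo.

```c
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/syscall.h>
#include <linux/rseq.h>

#define DEMO_RSEQ_SIG 0x53053053u /* constructed signature, demo only */

/* Thin wrapper over the raw system call (hypothetical helper name). */
static int sys_rseq(struct rseq *area, int flags)
{
    return (int)syscall(__NR_rseq, area, (uint32_t)sizeof(*area), flags,
                        DEMO_RSEQ_SIG);
}

/* Returns 0 after register -> unregister -> free, 1 if the kernel refused
 * registration (no rseq support, or libc already registered an area for
 * this thread), -1 if unregistration failed. */
int rseq_area_lifecycle(int *cpu_seen)
{
    struct rseq *area = aligned_alloc(32, sizeof(*area));
    if (area == NULL)
        return 1;
    memset(area, 0, sizeof(*area));
    area->cpu_id = (uint32_t)RSEQ_CPU_ID_UNINITIALIZED;

    if (sys_rseq(area, 0) != 0) {
        free(area);          /* never registered, so safe to free */
        return 1;
    }
    /* The kernel filled this in on return from the syscall; it will keep
     * writing here after every preemption, signals blocked or not. */
    *cpu_seen = (int)*(volatile uint32_t *)&area->cpu_id;

    if (sys_rseq(area, RSEQ_FLAG_UNREGISTER) != 0)
        return -1;           /* still registered: leak rather than free */
    free(area);              /* kernel no longer references the area */
    return 0;
}

int main(void)
{
    int cpu = -1;
    int rc = rseq_area_lifecycle(&cpu);
    printf("rc=%d cpu=%d\n", rc, cpu);
    return rc < 0;
}
```

On a glibc that already registers rseq for every thread, the registration here is refused and the function returns 1; running with `GLIBC_TUNABLES=glibc.pthread.rseq=0` lets the program register its own area.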