Received: by 2002:a25:31c3:0:0:0:0:0 with SMTP id x186csp847723ybx;
        Tue, 5 Nov 2019 06:31:51 -0800 (PST)
X-Google-Smtp-Source: APXvYqzp+AoT5PpKgFyLsg8TMQpVUOa6VN3CsQ7NiQRJsuU2Aef+iTezOBk4FDir2t6sGKZY4fJu
X-Received: by 2002:a17:906:2654:: with SMTP id i20mr23084122ejc.163.1572964311017;
        Tue, 05 Nov 2019 06:31:51 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1572964311; cv=none;
        d=google.com; s=arc-20160816;
        b=S3EjuBigRTSYDz/eyjz4lLrjrDmI9ovX7lO8kE42dxkmVu2aHrJNcxofMk0VXA/Cr3
         TOSmI4jqrOxqPz12SF5Www/h5wqAFAh5DoSWnL1J2mhrQFeN8E6mltBY1heYS3UlzGmW
         AQ+PQclb19HtgG0votDyK6cdAMsM+SI/K6rmKaBAlTS/4ec/Y6uovOA8WgZKdrxuUVmF
         pL647N1ILgPCUK+lOqvhANrxGRdBb6z6n6L00S7z3TghruDXQCysYtHCxASbyhgsgNyQ
         6OJ5BlL/1vBZtQHqBXAvfEkJFx5Wh9j7qs9f+FnX+B7B3gl7e4PtQLlT0u2FFuMCJQ4V
         usIA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:mime-version:user-agent:references
         :message-id:in-reply-to:subject:cc:to:from:date;
        bh=5bL2CNSOgqPwA9+8q2oRWfruXA6ePwGBRtPKIV4OsDo=;
        b=yrIbEbgwr8BfpSCK4vbyxwKrPICUJHGV8OkYOm8ukMc/8L2U91vSRxEeF0EP2ckzu0
         mjk1iQhF3IxNgxErUqYrZxZKhRzz6wY93RV00MdYj7DFLzAsDIQdNlnaOuCWH6W0TmtO
         Xj2juob+3hTlHakYazLQs/lElBiqMaS2SBytBDm1H/I4f7LMI/Uk9IybB9DdmirLFBzq
         7GOTzVA8xXGB2DW5U7QGSGJyKn1/TLsd5cwZZ8e+akQuqVFq4HY+t/eGSF4bZbHJg7gt
         OqHEwmkOjcqWXxlf9an2WCCA2riDZd4vSMo0qVwZO0ZDI9lfYnKScJT8Z06x2CMogQni
         SeDg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id i16si4654130ejh.75.2019.11.05.06.31.27;
        Tue, 05 Nov 2019 06:31:51 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S2389546AbfKEO2A (ORCPT <rfc822;zhangckid@gmail.com> + 99 others);
        Tue, 5 Nov 2019 09:28:00 -0500
Received: from Galois.linutronix.de ([193.142.43.55]:41505 "EHLO
        Galois.linutronix.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1727857AbfKEO2A (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 5 Nov 2019 09:28:00 -0500
Received: from [5.158.153.52] (helo=nanos.tec.linutronix.de)
        by Galois.linutronix.de with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256)
        (Exim 4.80)
        (envelope-from <tglx@linutronix.de>)
        id 1iRzoJ-0005W7-92; Tue, 05 Nov 2019 15:27:55 +0100
Date:   Tue, 5 Nov 2019 15:27:54 +0100 (CET)
From:   Thomas Gleixner <tglx@linutronix.de>
To:     Carlos O'Donell <carlos@redhat.com>
cc:     Florian Weimer <fweimer@redhat.com>, Shawn Landden <shawn@git.icu>,
        libc-alpha@sourceware.org, linux-api@vger.kernel.org,
        LKML <linux-kernel@vger.kernel.org>,
        Arnd Bergmann <arnd@arndb.de>,
        Deepa Dinamani <deepa.kernel@gmail.com>,
        Oleg Nesterov <oleg@redhat.com>,
        Andrew Morton <akpm@linux-foundation.org>,
        Catalin Marinas <catalin.marinas@arm.com>,
        Keith Packard <keithp@keithp.com>,
        Peter Zijlstra <peterz@infradead.org>
Subject: Re: [RFC v2 PATCH] futex: extend set_robust_list to allow 2 locking
 ABIs at the same time.
In-Reply-To: <f11d82f1-1e81-e344-3ad2-76e4cb488a3d@redhat.com>
Message-ID: <alpine.DEB.2.21.1911051520090.17054@nanos.tec.linutronix.de>
References: <20191104002909.25783-1-shawn@git.icu> <87woceslfs.fsf@oldenburg2.str.redhat.com> <alpine.DEB.2.21.1911051053470.17054@nanos.tec.linutronix.de> <87sgn2skm6.fsf@oldenburg2.str.redhat.com> <alpine.DEB.2.21.1911051253430.17054@nanos.tec.linutronix.de>
 <f11d82f1-1e81-e344-3ad2-76e4cb488a3d@redhat.com>
User-Agent: Alpine 2.21 (DEB 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, 5 Nov 2019, Carlos O'Donell wrote:
> On 11/5/19 6:56 AM, Thomas Gleixner wrote:
> The other issue is this:
> 
> "Robust mutexes do not take ROBUST_LIST_LIMIT into account"
> https://sourceware.org/bugzilla/show_bug.cgi?id=19089

  "The kernel limits the length of the robust mutex list to 2048 entries.
   This constant does not seem to be exported to user space."

FWIW, the constant is defined in the UAPI futex header.

The main concern here is not the actual number of futexes held by a task.

The real issue is that the robust list could be circular by incident or
malice and there is no way for the kernel to figure that out. That would
prevent the task from exiting and make it iterate over the list until
doomsday, i.e. a nice unpriviledged DoS.

So I fear the kernel cannot really help with this one.

Thanks,

	tglx