Received: by 2002:a25:e7d8:0:0:0:0:0 with SMTP id e207csp2678958ybh; Mon, 9 Mar 2020 10:43:25 -0700 (PDT) X-Google-Smtp-Source: ADFU+vu91/EuyoWju3aCvGyNCCoRiQdn++K0mQQszOwhqtoyPGC++99dQ8eGsv/E4xIdHtmHAL+c X-Received: by 2002:a9d:228:: with SMTP id 37mr7558427otb.52.1583775805485; Mon, 09 Mar 2020 10:43:25 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1583775805; cv=none; d=google.com; s=arc-20160816; b=Nd7vvMomo0+FoT+3l2X177JUU/CxJlZSA56VDxvRwRmZe3537nP+IIh5E8K1xSh/q+ Isk1MFv8ZouRC5O0e/ES03ryiBs4TqtczFOJiUdjVaZujbtUYpuPLx+Gpf0IE/h/9+3q e094Qp59u4xwIm7y+gWQ94y+nFYCk+wiLR4hBfLSRiYP+0A5xR30+8mLp3YNSWlCkbVu igyrlvUPtHv9+W+9wedhda2qExlmYOtslIV7TpbytCaSCDXELHdBhmPR+0pHvUnDW4bz xCBFElH6b4mUwVvn/knCl9wknHbLMv358gCm+9UkRGl3o0022hIwFz76oVv3m8K3Yv6g LSGg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:subject:mime-version:user-agent :message-id:in-reply-to:date:references:cc:to:from; bh=sStCkThV5xcKBQg4zlSqhGmJMbG0x0zJkwubInF9r1o=; b=E80Gq9OW3PTx1IJOJn+RK3QnK62eqQ2zAOM5vFl/JAN9AThVV1STyfXrxQ48r6erwa 1uWEauDBawigPp8mzcIRNGDsMLMIrMzGYq9KrZD4C/+bg2vTF/HjVj20ERJBSqXcxTV/ +nnIkBtQpR81BMb6PPyJ3bD9sgVb8brLAUjoFCJxxDceZDvdi7SC5sKH4bhr9HyQY8m8 XtyDnkup92cPqC0g20T14IdY0P0Q0rpyJ0zw70JYRYilZ7LJIdThp0kzX92Gj5k+Crfx 881BGk6kA9q7U+I+dFdfoy2LFDB5yLy8nGrzNY92s3rz/fGbSMD+/fVpKqwRv339ptUr xrUA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=xmission.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p20si6956542otk.258.2020.03.09.10.43.13; Mon, 09 Mar 2020 10:43:25 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=xmission.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727357AbgCIRm6 (ORCPT + 99 others); Mon, 9 Mar 2020 13:42:58 -0400 Received: from out01.mta.xmission.com ([166.70.13.231]:40156 "EHLO out01.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726661AbgCIRm5 (ORCPT ); Mon, 9 Mar 2020 13:42:57 -0400 Received: from in01.mta.xmission.com ([166.70.13.51]) by out01.mta.xmission.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1jBMQa-0000Mu-4R; Mon, 09 Mar 2020 11:42:56 -0600 Received: from ip68-227-160-95.om.om.cox.net ([68.227.160.95] helo=x220.xmission.com) by in01.mta.xmission.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.87) (envelope-from ) id 1jBMQZ-0002BG-3k; Mon, 09 Mar 2020 11:42:55 -0600 From: ebiederm@xmission.com (Eric W. Biederman) To: Bernd Edlinger Cc: Christian Brauner , Kees Cook , Jann Horn , Jonathan Corbet , Alexander Viro , Andrew Morton , Alexey Dobriyan , Thomas Gleixner , Oleg Nesterov , Frederic Weisbecker , Andrei Vagin , Ingo Molnar , "Peter Zijlstra \(Intel\)" , Yuyang Du , David Hildenbrand , Sebastian Andrzej Siewior , Anshuman Khandual , David Howells , James Morris , Greg Kroah-Hartman , Shakeel Butt , Jason Gunthorpe , Christian Kellner , Andrea Arcangeli , Aleksa Sarai , "Dmitry V. Levin" , "linux-doc\@vger.kernel.org" , "linux-kernel\@vger.kernel.org" , "linux-fsdevel\@vger.kernel.org" , "linux-mm\@kvack.org" , "stable\@vger.kernel.org" , "linux-api\@vger.kernel.org" References: <87v9nmjulm.fsf@x220.int.ebiederm.org> <202003021531.C77EF10@keescook> <20200303085802.eqn6jbhwxtmz4j2x@wittgenstein> <87v9nlii0b.fsf@x220.int.ebiederm.org> <87a74xi4kz.fsf@x220.int.ebiederm.org> <87r1y8dqqz.fsf@x220.int.ebiederm.org> <87tv32cxmf.fsf_-_@x220.int.ebiederm.org> <87v9ne5y4y.fsf_-_@x220.int.ebiederm.org> <87zhcq4jdj.fsf_-_@x220.int.ebiederm.org> Date: Mon, 09 Mar 2020 12:40:37 -0500 In-Reply-To: (Bernd Edlinger's message of "Mon, 9 Mar 2020 13:45:52 +0000") Message-ID: <878sk94eay.fsf@x220.int.ebiederm.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-XM-SPF: eid=1jBMQZ-0002BG-3k;;;mid=<878sk94eay.fsf@x220.int.ebiederm.org>;;;hst=in01.mta.xmission.com;;;ip=68.227.160.95;;;frm=ebiederm@xmission.com;;;spf=neutral X-XM-AID: U2FsdGVkX18+CRYcVXyL7K70DHjZAhuv5wHOtH7gaUo= X-SA-Exim-Connect-IP: 68.227.160.95 X-SA-Exim-Mail-From: ebiederm@xmission.com X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on sa07.xmission.com X-Spam-Level: X-Spam-Status: No, score=0.5 required=8.0 tests=ALL_TRUSTED,BAYES_50, DCC_CHECK_NEGATIVE,T_TM2_M_HEADER_IN_MSG,T_TooManySym_01,XMSubLong autolearn=disabled version=3.4.2 X-Spam-Report: * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP * 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60% * [score: 0.4871] * 0.7 XMSubLong Long Subject * 0.0 T_TM2_M_HEADER_IN_MSG BODY: No description available. * -0.0 DCC_CHECK_NEGATIVE Not listed in DCC * [sa07 1397; Body=1 Fuz1=1 Fuz2=1] * 0.0 T_TooManySym_01 4+ unique symbols in subject X-Spam-DCC: XMission; sa07 1397; Body=1 Fuz1=1 Fuz2=1 X-Spam-Combo: ;Bernd Edlinger X-Spam-Relay-Country: X-Spam-Timing: total 386 ms - load_scoreonly_sql: 0.05 (0.0%), signal_user_changed: 3.0 (0.8%), b_tie_ro: 2.0 (0.5%), parse: 1.01 (0.3%), extract_message_metadata: 11 (2.8%), get_uri_detail_list: 1.20 (0.3%), tests_pri_-1000: 8 (2.1%), tests_pri_-950: 1.19 (0.3%), tests_pri_-900: 1.05 (0.3%), tests_pri_-90: 29 (7.5%), check_bayes: 28 (7.2%), b_tokenize: 11 (2.9%), b_tok_get_all: 8 (2.1%), b_comp_prob: 2.3 (0.6%), b_tok_touch_all: 4.3 (1.1%), b_finish: 0.61 (0.2%), tests_pri_0: 244 (63.1%), check_dkim_signature: 0.61 (0.2%), check_dkim_adsp: 2.3 (0.6%), poll_dns_idle: 68 (17.5%), tests_pri_10: 2.1 (0.5%), tests_pri_500: 83 (21.4%), rewrite_mail: 0.00 (0.0%) Subject: Re: [PATCH v2 5/5] exec: Add a exec_update_mutex to replace cred_guard_mutex X-Spam-Flag: No X-SA-Exim-Version: 4.2.1 (built Thu, 05 May 2016 13:38:54 -0600) X-SA-Exim-Scanned: Yes (on in01.mta.xmission.com) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Bernd Edlinger writes: > On 3/8/20 10:38 PM, Eric W. Biederman wrote: >> >> The cred_guard_mutex is problematic. The cred_guard_mutex is held >> over the userspace accesses as the arguments from userspace are read. >> The cred_guard_mutex is held of PTRACE_EVENT_EXIT as the the other ^ over > > ... is held while waiting for the trace parent to handle PTRACE_EVENT_EXIT > or something? Yes. Let me see if I can phrase that better. > I wonder if we also should mention that > it is held while waiting for the trace parent to > receive the exit code with "wait"? I don't think we have to spell out the details of how it all works, unless that makes things clearer. Kernel developers can be expected to figure out how the kernel works. The critical thing is that it is an indefinite wait for userspace to take action. But I will look. >> threads are killed. The cred_guard_mutex is held over >> "put_user(0, tsk->clear_child_tid)" in exit_mm(). >> >> Any of those can result in deadlock, as the cred_guard_mutex is held >> over a possible indefinite userspace waits for userspace. >> >> Add exec_update_mutex that is only held over exec updating process > > Add ? Yes. That is what the change does: add exec_update_mutex. >> with the new contents of exec, so that code that needs not to be >> confused by exec changing the mm and the cred in ways that can not >> happen during ordinary execution of a process. >> >> The plan is to switch the users of cred_guard_mutex to >> exec_udpate_mutex one by one. This lets us move forward while still > > s/udpate/update/ Yes. Very much so. Eric