Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp1497667iob;
        Fri, 29 Apr 2022 06:43:08 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJxy+K97VGIxZgtCQUqrbw/TUA3RWM3CUsW8pk4RfNc3dIug5kkFK5N2m3yqMYRScxjmQqsZ
X-Received: by 2002:a05:651c:b0e:b0:24f:3d53:b7f9 with SMTP id b14-20020a05651c0b0e00b0024f3d53b7f9mr2608428ljr.478.1651239788608;
        Fri, 29 Apr 2022 06:43:08 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1651239788; cv=none;
        d=google.com; s=arc-20160816;
        b=BZ+7sDOHz3pB98iunfv52K3M7M5FTKau/k9HUnsTTpCayiSdY5yjbqE0gs1oBROgng
         COoC5OFTmAEAwb3zqc4lRK3gGACd8dCaZn0HKiBF7lduW4OQ4vDGRScYeximle6Ycl5B
         5+I9Z1BA1A9oIYAOFQXKLod4qzoKj/9ot1p8Ixvxg0E/H0G0ueAH7+nR1NrOITbwHWCB
         lFezsFjNzT6PvcRaEq7O+1XL0UHNfkcNusCawy4S/f2g4e2ryM7lPvK4XHuA47nfGQ3p
         nAF7gIuxqI7o+/j0iC9LBPhEcMAg4LW8nSLFVBSjgV9zmdsyJG3wbXsviL+/+65ZdBHQ
         L0HQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date:dkim-signature;
        bh=x4bCwPiDyDUtcqSO6dXG3Rqb1J6ca25XD5S5LJUlF2A=;
        b=ogu6PmVRa5QjhHAYvi12/H0VT0U4MTqxkXxQh0jKzJ6F/Mau0n9eHx3WikvuyxU20D
         JI7ZDoSb6t4yu6026oRaZ3wjRdoNF7fRpswFHQ0GerhArh2F9KvEYVmY4uxV0CQp7g7V
         jr7nAZrRCZuDTLcLZjDbE19DdcKJ4+Rq0/JVkUtRmSbCeNt4F4BvSO/76FnCa7Uq0tWn
         /nXIt9D99jSq7iOAKCW+/n960DtlzuUdS1e3bgpOYFtGBkSv7zFIzeCeq4jlC8GhG28C
         GPZxEZh+E93t3HFcobIGBd5+V5milvLHvjg9S6Ap2H0QKkPgFtr3p7LVRkv0YiD/Std+
         YdLw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@infradead.org header.s=desiato.20200630 header.b=glC31awJ;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id 5-20020a2e1445000000b0024b662ce242si7273195lju.94.2022.04.29.06.42.41;
        Fri, 29 Apr 2022 06:43:08 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@infradead.org header.s=desiato.20200630 header.b=glC31awJ;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1350577AbiD1Rs0 (ORCPT <rfc822;andreykovskii@gmail.com>
        + 99 others); Thu, 28 Apr 2022 13:48:26 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49390 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S235363AbiD1RsY (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 28 Apr 2022 13:48:24 -0400
Received: from desiato.infradead.org (desiato.infradead.org [IPv6:2001:8b0:10b:1:d65d:64ff:fe57:4e05])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2C6B21A040;
        Thu, 28 Apr 2022 10:45:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
        d=infradead.org; s=desiato.20200630; h=In-Reply-To:Content-Type:MIME-Version:
        References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To:
        Content-Transfer-Encoding:Content-ID:Content-Description;
        bh=x4bCwPiDyDUtcqSO6dXG3Rqb1J6ca25XD5S5LJUlF2A=; b=glC31awJB3JLoQZWiivVNLiz+T
        bz+k+6MK3LQkG+a0f6TVVnUzq4pETS64xttDxwteh8hY28D4tLcgDR/Y/2p2tNsxHwcWiZ7LIxUtG
        fU8sacrMWOw/NFfMsa5/hJeVHGWMHE9VgjvgQKrXEZqUPUi0uihkKMmBXw+qNCEWIFTKeMnaTMIP8
        fqYcEUJjy2VP6fOZ61ZdLddwHfa2p9SDPkovQOZCwhl5MIdxFUP+nfiUEvxC90uZO5Y8aSozTD/9/
        M+xPKeTR8s7k+41drsZBQC3lwbsa+odCXg1CiF/bjYeEA5rtsUwAnHyOi+aCHCCL4ow2Lxun7/YX2
        ECbRvgrQ==;
Received: from j217100.upc-j.chello.nl ([24.132.217.100] helo=noisy.programming.kicks-ass.net)
        by desiato.infradead.org with esmtpsa (Exim 4.94.2 #2 (Red Hat Linux))
        id 1nk8C6-009NoF-S5; Thu, 28 Apr 2022 17:44:47 +0000
Received: from hirez.programming.kicks-ass.net (hirez.programming.kicks-ass.net [192.168.1.225])
        (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
         key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
        (Client did not present a certificate)
        by noisy.programming.kicks-ass.net (Postfix) with ESMTPS id 67B7130031D;
        Thu, 28 Apr 2022 19:44:42 +0200 (CEST)
Received: by hirez.programming.kicks-ass.net (Postfix, from userid 1000)
        id 27DCE20296EE4; Thu, 28 Apr 2022 19:44:42 +0200 (CEST)
Date:   Thu, 28 Apr 2022 19:44:42 +0200
From:   Peter Zijlstra <peterz@infradead.org>
To:     "Eric W. Biederman" <ebiederm@xmission.com>
Cc:     Oleg Nesterov <oleg@redhat.com>, linux-kernel@vger.kernel.org,
        rjw@rjwysocki.net, mingo@kernel.org, vincent.guittot@linaro.org,
        dietmar.eggemann@arm.com, rostedt@goodmis.org, mgorman@suse.de,
        bigeasy@linutronix.de, Will Deacon <will@kernel.org>,
        tj@kernel.org, linux-pm@vger.kernel.org,
        Richard Weinberger <richard@nod.at>,
        Anton Ivanov <anton.ivanov@cambridgegreys.com>,
        Johannes Berg <johannes@sipsolutions.net>,
        linux-um@lists.infradead.org, Chris Zankel <chris@zankel.net>,
        Max Filippov <jcmvbkbc@gmail.com>,
        inux-xtensa@linux-xtensa.org, Kees Cook <keescook@chromium.org>,
        Jann Horn <jannh@google.com>
Subject: Re: [PATCH 6/9] signal: Always call do_notify_parent_cldstop with
 siglock held
Message-ID: <YmrSijTc6HIv4sAG@hirez.programming.kicks-ass.net>
References: <878rrrh32q.fsf_-_@email.froward.int.ebiederm.org>
 <20220426225211.308418-6-ebiederm@xmission.com>
 <20220427141018.GA17421@redhat.com>
 <874k2ea9q4.fsf@email.froward.int.ebiederm.org>
 <87zgk67fdd.fsf@email.froward.int.ebiederm.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <87zgk67fdd.fsf@email.froward.int.ebiederm.org>
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED,
        DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE,
        SPF_NONE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Apr 27, 2022 at 09:47:10AM -0500, Eric W. Biederman wrote:

> Hmm.  If we have the following process tree.
> 
>     A
>      \
>       B
>        \
>         C
> 
> Process A, B, and C are all in the same process group.
> Process A and B are setup to receive SIGCHILD when
> their process stops.
> 
> Process C traces process A.
> 
> When a sigstop is delivered to the group we can have:
> 
> Process B takes siglock(B) siglock(A) to notify the real_parent
> Process C takes siglock(C) siglock(B) to notify the real_parent
> Process A takes siglock(A) siglock(C) to notify the tracer
> 
> If they all take their local lock at the same time there is
> a deadlock.
> 
> I don't think the restriction that you can never ptrace anyone
> up the process tree is going to fly.  So it looks like I am back to the
> drawing board for this one.

I've not had time to fully appreciate the nested locking here, but if it
is possible to rework things to always take both locks at the same time,
then it would be possible to impose an arbitrary lock order on things
and break the cycle that way.

That is, simply order the locks by their heap address or something:

static void double_siglock_irq(struct sighand *sh1, struct sighand2 *sh2)
{
	if (sh1 > sh2)
		swap(sh1, sh2)

	spin_lock_irq(&sh1->siglock);
	spin_lock_nested(&sh2->siglock, SINGLE_DEPTH_NESTING);
}