Received: by 2002:a05:7412:5112:b0:fa:6e18:a558 with SMTP id fm18csp565339rdb;
        Tue, 23 Jan 2024 07:59:07 -0800 (PST)
X-Google-Smtp-Source: AGHT+IEtp82yi46SJcD2g/MQhpMweKYeifFb0HNKIZCBSPTdijtHrkJlMdsWzT+runotnFghhQ07
X-Received: by 2002:a05:6871:798f:b0:214:831a:76e7 with SMTP id pb15-20020a056871798f00b00214831a76e7mr1540893oac.81.1706025546877;
        Tue, 23 Jan 2024 07:59:06 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1706025546; cv=pass;
        d=google.com; s=arc-20160816;
        b=KftfVI7T+XzC8Whj27R0YIXUU+ws0Q2K2CiSka2xsFbiFeJNywz/dnsOsi5LwKZYrK
         X6/TzbNBknWtiZMXH3kIrW8sEHWfD+XHhS5IxAKORjG/eTWKgBVbPE0GVVjluBXK33Np
         m5iW2/C73Og0b0hc6DZSGNYhmtHE9cuJ5NP4slOHC2e/dwu1Sc6GLa65b3603mXOXVa7
         W3Eb8wk5e4/5/Z8ipynRWQt7Qsv7dghG0icFsj63+YevVP77A+W1oGGtjTW+prLbdBR+
         yrj3AJ8PvnQwpj7BttY05MGbW2jsmQMCukT3S1CeygW2+nAl/Uxs4LaKuRKn4G/2zEbc
         JT5g==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=user-agent:in-reply-to:content-disposition:mime-version
         :list-unsubscribe:list-subscribe:list-id:precedence:references
         :message-id:subject:cc:to:from:date:dkim-signature;
        bh=GjkSdKZOfRMPgNl3Qm01JjYpubCaTKo6HETyRd+5mTk=;
        fh=NrPUQ5fb2LYhfrBFB5+JVUXAypO1HjJgVIb7BqDPkhw=;
        b=mkKMqKJRY/Mt3jAGqK38PpqK0FhZCkDZXE/77ikJNdnna16OD5aulmFcHOkAJSPhgr
         I60W6DQrjQ3dYZOQXo+40qif1f+Ahm2J6bcn6V8/V3Fz/3pEzADq1AdiAxLq7lx7Mp6Y
         tqEOfAakR/iZCiwd06liMgLR7B3N7cTdPMyKcU5PdzDC4wafqGe8Ia9yFH1A/HxdHhbP
         nE+9s9Shjyiy0vQNlnd1zzzXUkg0lQ3nlH4/xSiLStHFdKvIKDtESQ415xSe6+KSN/Cp
         amAtIm+mJcGXry7TiqUfIdn2OGYvAnesdt61xs0HzO9poY4NRt4FHWHt8vMrvyptmiWa
         l8Qw==
ARC-Authentication-Results: i=2; mx.google.com;
       dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=gXgVhh8Q;
       arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com);
       spf=pass (google.com: domain of linux-kernel+bounces-35599-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-35599-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-kernel+bounces-35599-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99])
        by mx.google.com with ESMTPS id y16-20020a63e250000000b005c279da45f1si10159033pgj.566.2024.01.23.07.59.06
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 23 Jan 2024 07:59:06 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel+bounces-35599-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=gXgVhh8Q;
       arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com);
       spf=pass (google.com: domain of linux-kernel+bounces-35599-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-35599-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by sv.mirrors.kernel.org (Postfix) with ESMTPS id 2D62E2906A4
	for <linux.lists.archive@gmail.com>; Tue, 23 Jan 2024 15:55:17 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id 0D8E660B9D;
	Tue, 23 Jan 2024 15:55:11 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="gXgVhh8Q"
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3E31860872
	for <linux-kernel@vger.kernel.org>; Tue, 23 Jan 2024 15:55:07 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1706025310; cv=none; b=TeE/tNqTwRyjVzzOIoLBP9lblOIG/1gyjIfcEtF60x6mBzGPfusi8h6DrSZ0JceYCayq0JvBnLqrpprr3iBRMrVyVJqmyIlP7j7boq0N5bm/U65u9+dVGP6J+Z18+HgeCiUcqsKl8r2a/8QcHVcPsXqxcAl0auxVqUy84CfB6B8=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1706025310; c=relaxed/simple;
	bh=oh3Zhs9WXUh2/NAJqpmzYlnua86s8LfxQ3ifv3XPgEA=;
	h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version:
	 Content-Type:Content-Disposition:In-Reply-To; b=kdmAB75eHS7VejlKw9JQ2VeEGprTkjJ6LSsPQ6jOT3+TDl6MX2AezBMKkr/yuHmmB3I1qPhExyZUfNwUIYs302LbkxIEhbHxCbiLeDNNGXjHseizwEvDWBUxiEonbxcjKX4rqQmxHLqEZcuWxVB6DGuvxUnubueM34m7rqVh1ug=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=gXgVhh8Q; arc=none smtp.client-ip=170.10.129.124
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1706025307;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 in-reply-to:in-reply-to:references:references;
	bh=GjkSdKZOfRMPgNl3Qm01JjYpubCaTKo6HETyRd+5mTk=;
	b=gXgVhh8QxSr0AJnXnKdt8UKNUYhDXAlN+PB6v1uDrOGOEf1IydWHLERqnCyBfbNBO9vlMU
	qv/chNmQf0OvBvvzUPFQMTOFruI1YPMLS6N87z0+BUcnt+PIz9M1WhiQ7xpKW4J/CuZGPB
	1hzHfbi6/eH5ppRgCLPPzJzODqNHBO8=
Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-479-5Gsk90L4PvC0i5xjIyE1xw-1; Tue, 23 Jan 2024 10:55:05 -0500
X-MC-Unique: 5Gsk90L4PvC0i5xjIyE1xw-1
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id B341B88B7AE;
	Tue, 23 Jan 2024 15:55:04 +0000 (UTC)
Received: from dhcp-27-174.brq.redhat.com (unknown [10.45.224.197])
	by smtp.corp.redhat.com (Postfix) with SMTP id 988592026D66;
	Tue, 23 Jan 2024 15:55:03 +0000 (UTC)
Received: by dhcp-27-174.brq.redhat.com (nbSMTP-1.00) for uid 1000
	oleg@redhat.com; Tue, 23 Jan 2024 16:53:51 +0100 (CET)
Date: Tue, 23 Jan 2024 16:53:49 +0100
From: Oleg Nesterov <oleg@redhat.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>,
	Dylan Hatch <dylanbhatch@google.com>, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2 2/2] getrusage: use sig->stats_lock rather than
 lock_task_sighand()
Message-ID: <20240123155349.GA9978@redhat.com>
References: <20240122155023.GA26169@redhat.com>
 <20240122155053.GA26214@redhat.com>
 <20240122155723.149081552c9a9e122b1f783b@linux-foundation.org>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20240122155723.149081552c9a9e122b1f783b@linux-foundation.org>
User-Agent: Mutt/1.5.24 (2015-08-30)
X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.4

On 01/22, Andrew Morton wrote:
>
> On Mon, 22 Jan 2024 16:50:53 +0100 Oleg Nesterov <oleg@redhat.com> wrote:
>
> > lock_task_sighand() can trigger a hard lockup. If NR_CPUS threads call
> > getrusage() at the same time and the process has NR_THREADS, spin_lock_irq
> > will spin with irqs disabled O(NR_CPUS * NR_THREADS) time.
>
> It would be super interesting to see Dylan's original report.

from "[RFC PATCH] getrusage: Use trylock when getting sighand lock."
https://lore.kernel.org/all/20240117192534.1327608-1-dylanbhatch@google.com/

	Processes with many threads run the risk of causing a hard lockup if
	too many threads are calling getrusage() at once. This is because a
	calling thread with RUSAGE_SELF spins on the sighand lock with irq
	disabled, and the critical section of getrusage scales linearly with the
	size of the process. All cpus may end up spinning on the sighand lock
	for a long time because another thread has the lock and is busy
	iterating over 250k+ threads.

> Is it possible for carefully-crafted unprivileged userspace to
> deliberately trigger this?

Yes, just you need to create a process with a lot of threads calling
getrusage().

See mine and Dylan's test-cases in
https://lore.kernel.org/all/CADBMgpz7k=LhktfcJhSDBDWN0oLeQxPqhOVws3fq0LNpnfOSYg@mail.gmail.com/
There are very similar and simple.


And again, this is a known problem and we need more fixes.

Oleg.