This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [RFC v2 PATCH] futex: extend set_robust_list to allow 2 locking ABIs at the same time.

From: Florian Weimer <fweimer at redhat dot com>
To: Thomas Gleixner <tglx at linutronix dot de>
Cc: Carlos O'Donell <carlos at redhat dot com>, Shawn Landden <shawn at git dot icu>, libc-alpha at sourceware dot org, linux-api at vger dot kernel dot org, LKML <linux-kernel at vger dot kernel dot org>, Arnd Bergmann <arnd at arndb dot de>, Deepa Dinamani <deepa dot kernel at gmail dot com>, Oleg Nesterov <oleg at redhat dot com>, Andrew Morton <akpm at linux-foundation dot org>, Catalin Marinas <catalin dot marinas at arm dot com>, Keith Packard <keithp at keithp dot com>, Peter Zijlstra <peterz at infradead dot org>
Date: Tue, 05 Nov 2019 15:33:38 +0100
Subject: Re: [RFC v2 PATCH] futex: extend set_robust_list to allow 2 locking ABIs at the same time.
References: <20191104002909.25783-1-shawn@git.icu> <87woceslfs.fsf@oldenburg2.str.redhat.com> <alpine.DEB.2.21.1911051053470.17054@nanos.tec.linutronix.de> <87sgn2skm6.fsf@oldenburg2.str.redhat.com> <alpine.DEB.2.21.1911051253430.17054@nanos.tec.linutronix.de> <f11d82f1-1e81-e344-3ad2-76e4cb488a3d@redhat.com> <alpine.DEB.2.21.1911051520090.17054@nanos.tec.linutronix.de>

* Thomas Gleixner:

> On Tue, 5 Nov 2019, Carlos O'Donell wrote:
>> On 11/5/19 6:56 AM, Thomas Gleixner wrote:
>> The other issue is this:
>> 
>> "Robust mutexes do not take ROBUST_LIST_LIMIT into account"
>> https://sourceware.org/bugzilla/show_bug.cgi?id=19089
>
>   "The kernel limits the length of the robust mutex list to 2048 entries.
>    This constant does not seem to be exported to user space."
>
> FWIW, the constant is defined in the UAPI futex header.
>
> The main concern here is not the actual number of futexes held by a task.
>
> The real issue is that the robust list could be circular by incident or
> malice and there is no way for the kernel to figure that out. That would
> prevent the task from exiting and make it iterate over the list until
> doomsday, i.e. a nice unpriviledged DoS.
>
> So I fear the kernel cannot really help with this one.

I'm actually fine with treating ROBUST_LIST_LIMIT as an ABI constant.
It's just not clear to me if the constant has this status today.  I
suspect it was just split from the implementation headers at one point.

Thanks,
Florian

Follow-Ups:
- Re: [RFC v2 PATCH] futex: extend set_robust_list to allow 2 locking ABIs at the same time.
  - From: Thomas Gleixner

References:
- [RFC v2 PATCH] futex: extend set_robust_list to allow 2 locking ABIs at the same time.
  - From: Shawn Landden
- Re: [RFC v2 PATCH] futex: extend set_robust_list to allow 2 locking ABIs at the same time.
  - From: Florian Weimer
- Re: [RFC v2 PATCH] futex: extend set_robust_list to allow 2 locking ABIs at the same time.
  - From: Thomas Gleixner
- Re: [RFC v2 PATCH] futex: extend set_robust_list to allow 2 locking ABIs at the same time.
  - From: Florian Weimer
- Re: [RFC v2 PATCH] futex: extend set_robust_list to allow 2 locking ABIs at the same time.
  - From: Thomas Gleixner
- Re: [RFC v2 PATCH] futex: extend set_robust_list to allow 2 locking ABIs at the same time.
  - From: Carlos O'Donell
- Re: [RFC v2 PATCH] futex: extend set_robust_list to allow 2 locking ABIs at the same time.
  - From: Thomas Gleixner

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]