[PATCH 00/16] v6 kernel core pieces refcount conversions

From: Elena Reshetova
Date: Thu Nov 16 2017 - 09:00:40 EST


Changes in v6:
* memory ordering differences are outlined in each patch
together with potentially problematic areas.
Note: I didn't include any statements in individual patches
on why I think the memory ordering changes do not matter
in that particular case since ultimately these are only
known by maintainers (unless explicitly documented) and
very hard to figure out reliably from the code.
Therefore maintainers are expected to double check the
specific functions pointed out and make the end decision.
* rebase on top of today's linux-next/master


Changes in v5:
* Kees caught that the following changes in
perf_event_context.refcount and futex_pi_state.refcount
are not correct now when ARCH_HAS_REFCOUNT is enabled:
- WARN_ON(!atomic_inc_not_zero(refcount));
+ refcount_inc(refcount);
So they are now changed back to using refcount_inc_not_zero.

Changes in v4:
* just rebase and corrections on linux-next/master

Changes in v3:
* SoB chain corrected
* minor corrections based on v2 feedback
* rebase on linux-next/master as of today

Changes in v2:
* dropped already merged patches
* rebase on top of linux-next/master
* Now by default refcount_t = atomic_t (*) and uses all atomic
standard operations unless CONFIG_REFCOUNT_FULL is enabled.
This is a compromise for the systems that are critical on
performance (such as net) and cannot accept even slight delay
on the refcounter operations.

This series, for core kernel components, replaces atomic_t reference
counters with the new refcount_t type and API (see include/linux/refcount.h).
By doing this we prevent intentional or accidental
underflows or overflows that can lead to use-after-free vulnerabilities.

The patches are fully independent and can be cherry-picked separately.
If there are no objections to the patches, please merge them via respective trees.


Elena Reshetova (16):
futex: convert futex_pi_state.refcount to refcount_t
sched: convert sighand_struct.count to refcount_t
sched: convert signal_struct.sigcnt to refcount_t
sched: convert user_struct.__count to refcount_t
sched: convert numa_group.refcount to refcount_t
sched/task_struct: convert task_struct.usage to refcount_t
sched/task_struct: convert task_struct.stack_refcount to refcount_t
perf: convert perf_event_context.refcount to refcount_t
perf/ring_buffer: convert ring_buffer.refcount to refcount_t
perf/ring_buffer: convert ring_buffer.aux_refcount to refcount_t
uprobes: convert uprobe.ref to refcount_t
nsproxy: convert nsproxy.count to refcount_t
groups: convert group_info.usage to refcount_t
creds: convert cred.usage to refcount_t
kcov: convert kcov.refcount to refcount_t
bdi: convert bdi_writeback_congested.refcnt from atomic_t to
refcount_t

fs/exec.c | 4 ++--
fs/proc/task_nommu.c | 2 +-
include/linux/backing-dev-defs.h | 3 ++-
include/linux/backing-dev.h | 4 ++--
include/linux/cred.h | 13 ++++++------
include/linux/init_task.h | 7 +++---
include/linux/nsproxy.h | 6 +++---
include/linux/perf_event.h | 3 ++-
include/linux/sched.h | 5 +++--
include/linux/sched/signal.h | 5 +++--
include/linux/sched/task.h | 4 ++--
include/linux/sched/task_stack.h | 2 +-
include/linux/sched/user.h | 5 +++--
kernel/cred.c | 46 ++++++++++++++++++++--------------------
kernel/events/core.c | 18 ++++++++--------
kernel/events/internal.h | 5 +++--
kernel/events/ring_buffer.c | 8 +++----
kernel/events/uprobes.c | 8 +++----
kernel/fork.c | 24 ++++++++++-----------
kernel/futex.c | 15 +++++++------
kernel/groups.c | 2 +-
kernel/kcov.c | 9 ++++----
kernel/nsproxy.c | 6 +++---
kernel/sched/fair.c | 12 +++++------
kernel/user.c | 8 +++----
mm/backing-dev.c | 14 ++++++------
26 files changed, 125 insertions(+), 113 deletions(-)

--
2.7.4
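
A userspace C11 model of the counter behaviour this cover letter describes (refusing to increment from zero, saturating instead of overflowing, refusing to underflow), added here as an illustration; it is not code from the patch series or from include/linux/refcount.h. The names model_refcount_t, model_inc_not_zero, model_dec_and_test and plain_inc are hypothetical, and sequentially consistent atomics are an assumption standing in for the kernel's memory ordering.

```c
#include <limits.h>
#include <stdatomic.h>
#include <stdbool.h>
#include <stdio.h>

/* Userspace model (assumption), not the kernel's refcount_t implementation. */
typedef struct { atomic_uint refs; } model_refcount_t;

/* Take a reference unless the count is 0 (object already released). */
static bool model_inc_not_zero(model_refcount_t *r)
{
    unsigned int old = atomic_load(&r->refs);

    do {
        if (old == 0)
            return false;   /* refuse to resurrect a freed object */
        if (old == UINT_MAX)
            return true;    /* saturated: stay pinned, leak instead of wrapping */
    } while (!atomic_compare_exchange_weak(&r->refs, &old, old + 1));
    return true;
}

/* Drop a reference; true means the caller performs the final free. */
static bool model_dec_and_test(model_refcount_t *r)
{
    unsigned int old = atomic_load(&r->refs);

    do {
        if (old == 0 || old == UINT_MAX)
            return false;   /* underflow or saturated: never free */
    } while (!atomic_compare_exchange_weak(&r->refs, &old, old - 1));
    return old == 1;
}

/* Plain atomic counter for contrast: an increment past UINT_MAX wraps to 0. */
static unsigned int plain_inc(atomic_uint *c)
{
    return atomic_fetch_add(c, 1) + 1;
}

int main(void)
{
    model_refcount_t r;
    atomic_uint c;

    atomic_init(&r.refs, 1);
    atomic_init(&c, UINT_MAX);
    printf("put last ref: %d\n", model_dec_and_test(&r));
    printf("get after free: %d\n", model_inc_not_zero(&r));
    printf("plain counter after wrap: %u\n", plain_inc(&c));
    return 0;
}
```

A wrapped plain counter reads as zero while references are still held, which is the use-after-free precondition the conversion removes; the model trades that for a leaked, pinned object.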