Re: [PATCH 2/2] futex: Leave the pi lock stealer in a consistent state upon successful fault

From: Peter Zijlstra
Date: Tue Mar 16 2021 - 16:13:53 EST

Next message: Horatiu Vultur: "[PATCH net-next v2 0/3] net: ocelot: Extend MRP"
Previous message: Guenter Roeck: "Re: [PATCH v2] hwmon: corsair-psu: add support for critical values"
In reply to: Thomas Gleixner: "Re: [PATCH 2/2] futex: Leave the pi lock stealer in a consistent state upon successful fault"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Mar 16, 2021 at 11:03:05AM -0700, Davidlohr Bueso wrote:
> On Tue, 16 Mar 2021, Peter Zijlstra wrote:
> >
> > IIRC we made the explicit choice to never loop here. That saves having
> > to worry about getting stuck in in-kernel loops.
> >
> > Userspace triggering the case where the futex goes corrupt is UB, after
> > that we have no obligation for anything to still work. It's on them,
> > they get to deal with the bits remaining.
>
> I was kind of expecting this answer, honestly. After all, we are warned
> about violations to the 10th:
>
> * [10] There is no transient state which leaves owner and user space
> * TID out of sync. Except one error case where the kernel is denied
> * write access to the user address, see fixup_pi_state_owner().
>
> (btw, should we actually WARN_ON_ONCE this case such that the user is
> well aware things are screwed up?)

I'm not sure WARN is appropriate, it is something unpriv userspace
can trigger at will.

Next message: Horatiu Vultur: "[PATCH net-next v2 0/3] net: ocelot: Extend MRP"
Previous message: Guenter Roeck: "Re: [PATCH v2] hwmon: corsair-psu: add support for critical values"
In reply to: Thomas Gleixner: "Re: [PATCH 2/2] futex: Leave the pi lock stealer in a consistent state upon successful fault"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]