# git rev-parse -q --verify b4b27b9eed8ebdbf9f3046197d29d733c8c944f3^{commit} b4b27b9eed8ebdbf9f3046197d29d733c8c944f3 already have revision, skipping fetch # git checkout -q -f -B kisskb b4b27b9eed8ebdbf9f3046197d29d733c8c944f3 # git clean -qxdf # < git log -1 # commit b4b27b9eed8ebdbf9f3046197d29d733c8c944f3 # Author: Linus Torvalds # Date: Sun Jun 27 13:32:54 2021 -0700 # # Revert "signal: Allow tasks to cache one sigqueue struct" # # This reverts commits 4bad58ebc8bc4f20d89cff95417c9b4674769709 (and # 399f8dd9a866e107639eabd3c1979cd526ca3a98, which tried to fix it). # # I do not believe these are correct, and I'm about to release 5.13, so am # reverting them out of an abundance of caution. # # The locking is odd, and appears broken. # # On the allocation side (in __sigqueue_alloc()), the locking is somewhat # straightforward: it depends on sighand->siglock. Since one caller # doesn't hold that lock, it further then tests 'sigqueue_flags' to avoid # the case with no locks held. # # On the freeing side (in sigqueue_cache_or_free()), there is no locking # at all, and the logic instead depends on 'current' being a single # thread, and not able to race with itself. # # To make things more exciting, there's also the data race between freeing # a signal and allocating one, which is handled by using WRITE_ONCE() and # READ_ONCE(), and being mutually exclusive wrt the initial state (ie # freeing will only free if the old state was NULL, while allocating will # obviously only use the value if it was non-NULL, so only one or the # other will actually act on the value). # # However, while the free->alloc paths do seem mutually exclusive thanks # to just the data value dependency, it's not clear what the memory # ordering constraints are on it. Could writes from the previous # allocation possibly be delayed and seen by the new allocation later, # causing logical inconsistencies? # # So it's all very exciting and unusual. # # And in particular, it seems that the freeing side is incorrect in # depending on "current" being single-threaded. Yes, 'current' is a # single thread, but in the presense of asynchronous events even a single # thread can have data races. # # And such asynchronous events can and do happen, with interrupts causing # signals to be flushed and thus free'd (for example - sending a # SIGCONT/SIGSTOP can happen from interrupt context, and can flush # previously queued process control signals). # # So regardless of all the other questions about the memory ordering and # locking for this new cached allocation, the sigqueue_cache_or_free() # assumptions seem to be fundamentally incorrect. # # It may be that people will show me the errors of my ways, and tell me # why this is all safe after all. We can reinstate it if so. But my # current belief is that the WRITE_ONCE() that sets the cached entry needs # to be a smp_store_release(), and the READ_ONCE() that finds a cached # entry needs to be a smp_load_acquire() to handle memory ordering # correctly. # # And the sequence in sigqueue_cache_or_free() would need to either use a # lock or at least be interrupt-safe some way (perhaps by using something # like the percpu 'cmpxchg': it doesn't need to be SMP-safe, but like the # percpu operations it needs to be interrupt-safe). # # Fixes: 399f8dd9a866 ("signal: Prevent sigqueue caching after task got released") # Fixes: 4bad58ebc8bc ("signal: Allow tasks to cache one sigqueue struct") # Cc: Thomas Gleixner # Cc: Peter Zijlstra # Cc: Oleg Nesterov # Cc: Christian Brauner # Signed-off-by: Linus Torvalds # < /opt/cross/kisskb/korg/gcc-8.1.0-nolibc/mips-linux/bin/mips-linux-gcc --version # < /opt/cross/kisskb/korg/gcc-8.1.0-nolibc/mips-linux/bin/mips-linux-ld --version # < git log --format=%s --max-count=1 b4b27b9eed8ebdbf9f3046197d29d733c8c944f3 # < make -s -j 120 ARCH=mips O=/kisskb/build/linus_mips-defconfig_mips-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/mips-linux/bin/mips-linux- defconfig # < make -s -j 120 ARCH=mips O=/kisskb/build/linus_mips-defconfig_mips-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/mips-linux/bin/mips-linux- help # make -s -j 120 ARCH=mips O=/kisskb/build/linus_mips-defconfig_mips-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/mips-linux/bin/mips-linux- olddefconfig # make -s -j 120 ARCH=mips O=/kisskb/build/linus_mips-defconfig_mips-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/mips-linux/bin/mips-linux- FIT description: Linux 5.13.0-rc7-gb4b27b9eed8e Created: Sat Jul 17 12:21:48 2021 Image 0 (kernel) Description: Linux 5.13.0-rc7-gb4b27b9eed8e Created: Sat Jul 17 12:21:48 2021 Type: Kernel Image Compression: gzip compressed Data Size: 5335045 Bytes = 5210.00 KiB = 5.09 MiB Architecture: MIPS OS: Linux Load Address: 0x80100000 Entry Point: 0x809cf3b0 Hash algo: sha1 Hash value: ecfa3f83ae4cf61509666dcd639739df0c45e7d4 Image 1 (fdt-boston) Description: img,boston Device Tree Created: Sat Jul 17 12:21:48 2021 Type: Flat Device Tree Compression: uncompressed Data Size: 3793 Bytes = 3.70 KiB = 0.00 MiB Architecture: MIPS Hash algo: sha1 Hash value: 4799f50d688573234da6e9d7701234d394759ef4 Image 2 (fdt-ni169445) Description: NI 169445 device tree Created: Sat Jul 17 12:21:48 2021 Type: Flat Device Tree Compression: uncompressed Data Size: 1871 Bytes = 1.83 KiB = 0.00 MiB Architecture: MIPS Hash algo: sha1 Hash value: 51b89b31605ee62038c8468c429af091dfc75ec7 Image 3 (fdt-ocelot_pcb123) Description: MSCC Ocelot PCB123 Device Tree Created: Sat Jul 17 12:21:48 2021 Type: Flat Device Tree Compression: uncompressed Data Size: 4659 Bytes = 4.55 KiB = 0.00 MiB Architecture: MIPS Hash algo: sha1 Hash value: 5bcb6e4f21e8e5372544aa130b3bd097355a9050 Image 4 (fdt-ocelot_pcb120) Description: MSCC Ocelot PCB120 Device Tree Created: Sat Jul 17 12:21:48 2021 Type: Flat Device Tree Compression: uncompressed Data Size: 5418 Bytes = 5.29 KiB = 0.01 MiB Architecture: MIPS Hash algo: sha1 Hash value: 93d882f2009a217e0fa9dab94788535ed2be8476 Image 5 (fdt-xilfpga) Description: MIPSfpga (xilfpga) Device Tree Created: Sat Jul 17 12:21:48 2021 Type: Flat Device Tree Compression: uncompressed Data Size: 2708 Bytes = 2.64 KiB = 0.00 MiB Architecture: MIPS Hash algo: sha1 Hash value: 63d058b780f65e22da30f0a183433765f1807f1d Default Configuration: 'conf-default' Configuration 0 (conf-default) Description: Generic Linux kernel Kernel: kernel Configuration 1 (conf-boston) Description: Boston Linux kernel Kernel: kernel FDT: fdt-boston Configuration 2 (conf-ni169445) Description: NI 169445 Linux Kernel Kernel: kernel FDT: fdt-ni169445 Configuration 3 (conf-ocelot_pcb123) Description: Ocelot Linux kernel Kernel: kernel FDT: fdt-ocelot_pcb123 Configuration 4 (conf-ocelot_pcb120) Description: Ocelot Linux kernel Kernel: kernel FDT: fdt-ocelot_pcb120 Configuration 5 (conf-xilfpga) Description: MIPSfpga Linux kernel Kernel: kernel FDT: fdt-xilfpga Completed OK # rm -rf /kisskb/build/linus_mips-defconfig_mips-gcc8 # Build took: 0:01:09.593187