Re: [take23 0/5] kevent: Generic event handling mechanism.

From: Davide Libenzi
Date: Thu Nov 09 2006 - 12:13:42 EST

Next message: Eric W. Biederman: "Re: 2.6.19-rc5 x86_64 irq 22: nobody cared"
Previous message: Eric Sandeen: "Re: [PATCH 1/3] new_inode_autonum: add per-sb lastino counter andadd new_inode_autonum function that guarantees i_ino uniqueness"
In reply to: Eric Dumazet: "Re: [take23 0/5] kevent: Generic event handling mechanism."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 9 Nov 2006, Eric Dumazet wrote:

> > > Lost forever means? If there are more processes watching some fd (external
> > > events), they all get their own copy of the events in their own private
> > > epoll fd. It's not that we "steal" things out of the kernel, is not a 1:1
> > > producer/consumer thing (one producer, 1 queue). It's one producer,
> > > broadcast to all listeners (consumers) thing. The only case where it'd
> > > matter is in the case of multiple threads sharing the same epoll fd.
> >
> > In my particular epoll application, the producer is tcp stack, and I have
> > one consumer. If an network event is lost in the EFAULT handling, its lost
> > forever. In any case, my application do provide a correct user area, so this
> > problem is only theorical.
>
> I realize I was not explicit, and dit not answer your question (Lost forever
> means ?)
>
> if (epi->revents) {
> if (__put_user(epi->revents,
> &events[eventcnt].events) ||
> __put_user(epi->event.data,
> &events[eventcnt].data))
> return -EFAULT;
> >> if (epi->event.events & EPOLLONESHOT)
> >> epi->event.events &= EP_PRIVATE_BITS;
> eventcnt++;
> }
>
> If one EPOLLONESHOT event is correctly copied to user space, its status is
> updated.
>
> If other ready events in the same epoll_wait() call cannot be transferred
> because of an EFAULT (we reach the real end of user provided area), this
> EPOLLONESHOT event is lost forever, because it wont be requeued in ready list.

Your application is feeding crap to the kernel, because of programming
bugs. If that happens, I want an EFAULT and not a partially filled buffer.
And which buffer then? This could have been scribbled in userspace memory
(the pointer), and the try of the kernel to mask out bugs might create
even more subtle problems. Such bug will *never* show up in the up in case
the wrong buffer is partially valid (first part, that is the *only* case
where your fix would make a difference compared to the status quo), since
in case of no ready events we'll never hit it, and in case of some events
we'll always return few of them and never EFAULT. No, the more I think
about it, the more I personally disagree with the change.

> Please dont slow the hot path for a basically "User Error". It's already
> tested in the transfert function, with two conditional
> branches for each transfered event.

Ohh, if you think you can measure them from userspace, those can be turned
in 'err |= __put_user();' with err tested only out of the loop.

- Davide

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Eric W. Biederman: "Re: 2.6.19-rc5 x86_64 irq 22: nobody cared"
Previous message: Eric Sandeen: "Re: [PATCH 1/3] new_inode_autonum: add per-sb lastino counter andadd new_inode_autonum function that guarantees i_ino uniqueness"
In reply to: Eric Dumazet: "Re: [take23 0/5] kevent: Generic event handling mechanism."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]