RCU's First-Ever CVE, and How I Lived to Tell the Tale
There was a time when I thought that Linux-kernel RCU was so low level that it was immune to security exploits. However, the 2014 advent of Rowhammer (https://en.wikipedia.org/wiki/Row_hammer) put paid to that naive thought. After all, if the black hats can hit the DRAM, they can surely hit RCU! And in early 2018, an RCU-related CVE duly appeared. Now, RCU was operating as advertised, but it had a usability bug which lured a developer into mixing RCU flavors, which has about the same effect on your kernel's actuarial statistics as would acquiring the wrong lock. So yes, usability bugs are real, so much so that they can result in security exploits! Who knew? Linus therefore asked if I could prevent future such exploits by consolidating the three RCU flavors (RCU-bh, RCU-preempt, and RCU-sched) into one flavor to rule them all. This talk will briefly cover this consolidation, highlighting a few war stories and lessons (re)learned along the way.
Paul E. McKenney