Join us and work from home

Torvalds, the creator of the Linux kernel.

Quoting from here (emphasis added):

Torvalds added that in the Linux kernel, there are a lot of security checks, including static analysis and fuzz testing, to help identify vulnerabilities.

But of course:

“You may not reach absolute security, but people that deploy default models are so much better off today; we're making obvious improvements,” Torvalds said of Linux kernel security.

Surely absolute security isn't possible.

It comes into my mind a piece of Linux kernel code I stumbled upon few days ago (kernel/sched/core.c):

/*
 * ...
 * Caller must hold rcu_lock or sufficient equivalent.
 */
int walk_tg_tree_from(struct task_group *from,
                 tg_visitor down, tg_visitor up, void *data)
{
    struct task_group *parent, *child;
    int ret;

    parent = from;

down:
    ret = (*down)(parent, data);
    if (ret)
        goto out;
    list_for_each_entry_rcu(child, &parent->children, siblings) {
        parent = child;
        goto down;

up:
        continue;
    }
    ret = (*up)(parent, data);
    if (ret || parent == from)
        goto out;

    child = parent;
    parent = parent->parent;
    if (parent)
        goto up;
out:
    return ret;
}

Here we should know something about what it's doing, why and how. Readings which could help:

• list_for_each_entry_rcu
• Avoiding Locks: Read Copy Update
• What is RCU?

A bit.

Anyway, are there any kind of vulnerabilities?

Are all the callers holding the rcu_lock or sufficient equivalent?

I bet the answer is yes. I also suppose that Torvalds and few others have a holistic picture of everything's going on into the whole kernel — can it be split reductionistically in interacting parts (which can be understood separately)? I suppose the answer is yes, again, but this is another tale.

Is there a way to check if currently it is true that all the callers hold the rcu_lock or sufficient equivalent?

Maybe to answer without a previous history of checks on each contribution someone should check every caller, patiently and carefully, digging into the call tree to see if all the inputs are ok… (fuzz testing would help…).

It has been, is and always will be easier to check every improvement, every contribution, every new line of code step by step, each time it has been merged into the source. It's better if a software grows incrementally, not suddenly in the middle of the night, when everybody's sleeping.

Thus, do not do tomorrow what you can and should do today…

Home working

… and relax in your happy home:

“I work from my home office in a bathrobe. It's not a glamorous life,” Torvalds said.

Because a relaxing habitat will improve greatly your efficiency and reduce the likelihood of mistakes.