Re: BUG: KCSAN: data-race in add_device_randomness+0x20d/0x290

From: Jason A. Donenfeld
Date: Tue Feb 15 2022 - 06:44:29 EST


Hi Paul,

Thanks for the new report. This looks like it's likely the same sort of
issue as before -- it's on a 1 byte read of the data that's being
passed to add_device_randomness by release_task(). It looks like there
might be a race in release_task():

void release_task(struct task_struct *p)
{
	[...]
	cgroup_release(p);

	write_lock_irq(&tasklist_lock);
	ptrace_release_task(p);
	thread_pid = get_pid(p->thread_pid);
	__exit_signal(p);
	[...]
}

static void __exit_signal(struct task_struct *tsk)
{
	[...]
	add_device_randomness((const void*) &tsk->se.sum_exec_runtime,
			      sizeof(unsigned long long));
	[...]
}

Apparently the data that is being read by add_device_randomness() is
being modified while it's being read. This would be whatever is in
`tsk->se.sum_exec_runtime`.

I'm not sure what's happening there, if this is "normal" and the task
can be scheduled out while exiting, causing the scheduler to add to
sum_exec_runtime, or what. CCing some people who seem to have touched
this code, and maybe that'll help illuminate things.

Thanks,
Jason
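
The byte-wise read described in the message above, as an added userspace model that is not part of the original email and is not kernel code: a consumer reads a 64-bit counter one byte at a time while it is updated, first from the live variable and then from a private copy. All names (runtime_ns, consume_bytes, read_live, read_snapshot) are hypothetical, and the update is triggered at a fixed byte index instead of from a second thread so the interleaving is deterministic.

```c
/* Userspace model, not kernel code; every name here is hypothetical. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
static uint64_t runtime_ns;	/* stand-in for tsk->se.sum_exec_runtime */

/*
 * Byte-at-a-time consumer, like the 1-byte reads in the report. The
 * "writer" adds delta to runtime_ns just before byte index interrupt_at
 * is read (pass 8 for no update), so the interleaving is deterministic.
 */
static uint64_t consume_bytes(const void *buf, size_t interrupt_at,
			      uint64_t delta)
{
	const uint8_t *p = buf;
	uint8_t seen[sizeof(uint64_t)];
	uint64_t out;
	for (size_t i = 0; i < sizeof(seen); i++) {
		if (i == interrupt_at)
			runtime_ns += delta;	/* concurrent update */
		seen[i] = p[i];
	}
	memcpy(&out, seen, sizeof(out));
	return out;
}

/* Consumer is handed a pointer to the live, still-changing variable. */
uint64_t read_live(uint64_t start, size_t interrupt_at, uint64_t delta)
{
	runtime_ns = start;
	return consume_bytes(&runtime_ns, interrupt_at, delta);
}

/* Consumer is handed a private copy made once, before it starts reading. */
uint64_t read_snapshot(uint64_t start, size_t interrupt_at, uint64_t delta)
{
	uint64_t snap;
	runtime_ns = start;
	snap = runtime_ns;
	return consume_bytes(&snap, interrupt_at, delta);
}

int main(void)
{
	printf("live:     %#llx\n", (unsigned long long)read_live(0xffffffffu, 4, 1));
	printf("snapshot: %#llx\n", (unsigned long long)read_snapshot(0xffffffffu, 4, 1));
	return 0;
}
```

On a little-endian machine the live read prints 0x1ffffffff, a value the counter never held, while the snapshot read prints the starting value 0xffffffff.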