lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Fri, 14 Nov 2008 09:41:12 +0300
From:	Alexey Dobriyan <adobriyan@...il.com>
To:	Eric Dumazet <dada1@...mosbay.com>
Cc:	David Miller <davem@...emloft.net>, netdev@...r.kernel.org
Subject: Re: [PATCH v3] net: #ifdef inet_bind_bucket::ib_net

On Fri, Nov 14, 2008 at 07:21:13AM +0100, Eric Dumazet wrote:
> Alexey Dobriyan a écrit :
>> On Fri, Nov 14, 2008 at 05:54:26AM +0100, Eric Dumazet wrote:
>>> David Miller a écrit :
>>>> From: Eric Dumazet <dada1@...mosbay.com>
>>>> Date: Fri, 14 Nov 2008 05:36:15 +0100
>>>>
>>>>> This is better because :
>>>>>
>>>>> 1) No #ifdef CONFIG_NET_NS
>>>>>
>>>>> 2) The magic about &init_net is not duplicated in ten different include files, but
>>>>>    centralized in the right file : include/net/net_namespace.h
>>>> I %100 agree.
>>> Speaking of those functions, what do you think of this one ?
>>>
>>> static inline
>>> void dev_net_set(struct net_device *dev, struct net *net)
>>> {
>>> #ifdef CONFIG_NET_NS
>>>        release_net(dev->nd_net);
>>>        dev->nd_net = hold_net(net);
>>> #endif
>>> }
>>>
>>> I believe that its safer to hold a reference on "new" *before*
>>> releasing reference on "old" object.
>>>
>>> Also, release_net() and hold_net() can be defined to do
>>> the use_count refcounting regardless of CONFIG_NET_NS
>>> (Its a different NETNS_REFCNT_DEBUG #ifdef)
>>
>> NETNS_REFCNT_DEBUG makes sense only with NET_NS=y because init_net
>> is never freed.
>
> It makes sense when you want to debug things, without full NET_NS

It doesn't work without NET_NS at all.

Check triggers right before netns is freed, and init_net is never freed.
You can move the check (interesting, to where?) or watch usecount live
somehow.

> Check CONFIG_PROVE_LOCKING or other debugging stuff
>
> CONFIG_SMP can be unset, still we are able to check spinlocks are
> lock()/unlock() are correctly paired
>
>>
>>> Yet another example where read_pnet() and write_pnet()
>>> are the right answer : Its cleaner and fixes *bugs*.
>>
>> pnet stuff by definition can't fix bugs :-)
>
> It will, I bet it.
>
> Cant you see difference between
>
> #ifdef CONFIG_NET_NS
> 	ptr->net = expression;
> #endif
>
> and
>
> write_pnet(&ptr->net, expression);
>
> Answer : In the 2nd case, (expression) is evaluated.
>
> In case its evaluation has side effects (like... refcounting), it makes a huge difference.

We don't do such tricky thing with netns pointers. It either comes from somewhere (netdevice)
and you use it as is or it's &init_net.

It's almost a cookie, nobody evaluates cookies. Such code should rejected.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ