lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 24 Sep 2012 11:42:05 +0200
From:	Eric Dumazet <eric.dumazet@...il.com>
To:	Gao feng <gaofeng@...fujitsu.com>
Cc:	Jan Engelhardt <jengelh@...i.de>,
	Stephen Hemminger <stephen.hemminger@...tta.com>,
	netdev@...r.kernel.org, davem@...emloft.net, kuznet@....inr.ac.ru
Subject: Re: [PATCH] inet_diag: make config INET_DIAG bool

On Mon, 2012-09-24 at 16:48 +0800, Gao feng wrote:
> 于 2012年09月23日 21:40, Jan Engelhardt 写道:
> > On Sunday 2012-09-23 06:36, Stephen Hemminger wrote:
> > 
> >>> when inet_diag being compiled as module, inet_diag_handler_dump
> >>> set netlink_dump_control.dump to inet_diag_dump,so if module
> >>> inet_diag is unloaded,netlink will still try to call this function
> >>> in netlink_dump. this will cause kernel panic.
> >>
> >> Another way to handle this to just get rid of inet_diag_exit
> >> so that module can be loaded but not unloaded.
> > 
> > Why don't we unset netlink_dump_control.dump on exit?
> 
> 
> Though I like this idea,but it may cause dead lock.
> netlink_dimp [mutex_lock(netlink_sock->cb_mutex) here]
>    |->inet_diag_dump
> 	|->__inet_diag_dump
> 	    |->inet_diag_lock_handler [may try to load tcp_diag here,
> 					so we need module_mutex lock]
> 
> And on module exit,we already get module_mutex lock,
> if we unset netlink_sock->cb,we need to get mutex lock of netlink_sock->cb_mutex.
> 
> I think this will cause dead lock.
> 
> I don't know if I should change this patch as Stephen said,because I don't know
> witch one is better.
> 
> Any comments?

In fact I didnt fully understand the problem you try to address.

If you want to prevent module being unloaded, you need to add proper
module_get()/module_put()

So I would add a "struct module *module;" in struct sock_diag_handler
and use it appropriately.

But then, I might have totally misunderstood the problem.

Care to explain how you trigger the bug ?



--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ