lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 17 Jun 2013 12:30:54 +0200
From:	Nikolay Aleksandrov <nikolay@...hat.com>
To:	Veaceslav Falico <vfalico@...hat.com>
CC:	netdev@...r.kernel.org, fubar@...ibm.com, andy@...yhouse.net
Subject: Re: [PATCH net-next] bonding: don't call alb_set_slave_mac_addr()
 while atomic

On 06/16/2013 07:20 PM, Veaceslav Falico wrote:
> alb_set_slave_mac_addr() sets the mac address in alb mode via
> dev_set_mac_address(), which might sleep. It's called from
> alb_handle_addr_collision_on_attach() in atomic context (under
> read_lock(bond->lock)), thus triggering a bug.
> 
> Fix this by moving the lock inside alb_handle_addr_collision_on_attach().
> 
> Signed-off-by: Veaceslav Falico <vfalico@...hat.com>

Hello,
I have an idea about this function, since the
alb_handle_addr_collision_on_attach function needs to check if the slave's mac
address is unique and if it's not it tries to find an address from the other
slaves' permanent addresses. Instead of doing this, my proposition is:
1. this function and the only caller are running always inside RTNL, so I don't
think we need the read_lock at all, there can't be slave manipulation or MAC
address change during that period (if I'm not missing something).
2. the collision handling function can instead always succeed:
  - first walk over the slave list and check if there's a collision and
    also if any of the slaves has bond's MAC address, if there's no collision
    just return
  - if there's a collision:
   - if bond's address is not in use -> set it to the slave and return
   - else set a random MAC to the slave (eth_hw_addr_random) and return
 (and if we simplify it even further in the collision case we can just set a
random MAC always)
This way the code simplifies very nice and we always get a unique slave's MAC.
I've tried this and IMO it looks good.
What do you think ?

Cheers,
 Nik
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ