| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 22 Jan 2022 20:40:51 +0100
From: Andrew Lunn <andrew@...n.ch>
To: Sergei Trofimovich <slyich@...il.com>
Cc: Stephen Hemminger <stephen@...workplumber.org>,
netdev@...r.kernel.org
Subject: Re: atl1c drivers run 'napi/eth%d-385' named threads with
unsubstituted %d
> > Oh, yes. I looked at some of the users. And some do take rtnl before
> > calling it. And some don't!
> >
> > Looking at register_netdev(), it seems we need something like:
> >
> > if (rtnl_lock_killable()) {
> > err = -EINTR;
> > goto err_init_netdev;
> > }
> > err = dev_alloc_name(netdev, netdev->name);
> > rtnl_unlock();
> > if (err < 0)
> > goto err_init_netdev;
> >
> >
> > It might also be a good idea to put a ASSERT_RTNL() in
> > __dev_alloc_name() to catch any driver doing this wrong.
I looked at it some more, and some of the current users. And this does
not really work. There is a race condition.
Taking rtnl means you at least get a valid name, while you hold
rtnl. But it does not keep track of the name it just gave out. As a
result, you can release rtnl, and another device can jump in and be
given the same name in register_netdev(). When this driver then calls
register_netdev() the core will notice the clash and return -EEXISTS,
causing the probe to fail.
There are some drivers which take rtnl and keep it until after calling
register_netdevice(), rather than register_netdev(), but this is
rather ugly. And there are some drivers which don't take the lock, and
just hope they don't hit the race.
Maybe a better fix for this driver is:
>From a5fc0e127bdc4b6ba4fb923012729cbf3d529996 Mon Sep 17 00:00:00 2001
From: Andrew Lunn <andrew@...n.ch>
Date: Sat, 22 Jan 2022 13:33:58 -0600
Subject: [PATCH] net: ethernet: atl1c: Move dev_set_threaded() after
register_netdev()
dev_set_threaded() creates new kernel threads to perform napi. The
threads are given a name based on the interface name. However, the
interface is not allocated a name until register_netdev() is called.
By moving the call to dev_set_threaded() to later in the probe
function, odd thread names like napi/eth%d-385 are avoided.
Signed-off-by: Andrew Lunn <andrew@...n.ch>
---
drivers/net/ethernet/atheros/atl1c/atl1c_main.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/net/ethernet/atheros/atl1c/atl1c_main.c b/drivers/net/ethernet/atheros/atl1c/atl1c_main.c
index da595242bc13..9b8088905946 100644
--- a/drivers/net/ethernet/atheros/atl1c/atl1c_main.c
+++ b/drivers/net/ethernet/atheros/atl1c/atl1c_main.c
@@ -2728,7 +2728,7 @@ static int atl1c_probe(struct pci_dev *pdev, const struct pci_device_id *ent)
adapter->mii.mdio_write = atl1c_mdio_write;
adapter->mii.phy_id_mask = 0x1f;
adapter->mii.reg_num_mask = MDIO_CTRL_REG_MASK;
- dev_set_threaded(netdev, true);
+
for (i = 0; i < adapter->rx_queue_count; ++i)
netif_napi_add(netdev, &adapter->rrd_ring[i].napi,
atl1c_clean_rx, 64);
@@ -2781,6 +2781,8 @@ static int atl1c_probe(struct pci_dev *pdev, const struct pci_device_id *ent)
goto err_register;
}
+ dev_set_threaded(netdev, true);
+
cards_found++;
return 0;
--
2.34.1
Powered by blists - more mailing lists