lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sat, 15 Jul 2023 11:20:34 -0600
From: David Ahern <dsahern@...nel.org>
To: Ido Schimmel <idosch@...dia.com>, netdev@...r.kernel.org
Cc: davem@...emloft.net, kuba@...nel.org, pabeni@...hat.com,
 edumazet@...gle.com, naresh.kamboju@...aro.org
Subject: Re: [PATCH net] vrf: Fix lockdep splat in output path

On 7/15/23 9:36 AM, Ido Schimmel wrote:
> Cited commit converted the neighbour code to use the standard RCU
> variant instead of the RCU-bh variant, but the VRF code still uses
> rcu_read_lock_bh() / rcu_read_unlock_bh() around the neighbour lookup
> code in its IPv4 and IPv6 output paths, resulting in lockdep splats
> [1][2]. Can be reproduced using [3].
> 
> Fix by switching to rcu_read_lock() / rcu_read_unlock().
> 

...

> [3]
> #!/bin/bash
> 
> ip link add name vrf-red up numtxqueues 2 type vrf table 10
> ip link add name swp1 up master vrf-red type dummy
> ip address add 192.0.2.1/24 dev swp1
> ip address add 2001:db8:1::1/64 dev swp1
> ip neigh add 192.0.2.2 lladdr 00:11:22:33:44:55 nud perm dev swp1
> ip neigh add 2001:db8:1::2 lladdr 00:11:22:33:44:55 nud perm dev swp1
> ip vrf exec vrf-red ping 192.0.2.2 -c 1 &> /dev/null
> ip vrf exec vrf-red ping6 2001:db8:1::2 -c 1 &> /dev/null
> 
> Fixes: 09eed1192cec ("neighbour: switch to standard rcu, instead of rcu_bh")
> Reported-by: Naresh Kamboju <naresh.kamboju@...aro.org>
> Link: https://lore.kernel.org/netdev/CA+G9fYtEr-=GbcXNDYo3XOkwR+uYgehVoDjsP0pFLUpZ_AZcyg@mail.gmail.com/
> Signed-off-by: Ido Schimmel <idosch@...dia.com>
> ---
> Using the "Link" tag instead of "Closes" since there are two reports in
> the link, but I can only reproduce the second.
> 
> I believe that the rcu_read_lock_bh() / rcu_read_unlock_bh() in
> vrf_finish_direct() can be removed since dev_queue_xmit_nit() uses
> rcu_read_lock() / rcu_read_unlock(). I will send a patch to net-next
> after confirming it.
> ---
>  drivers/net/vrf.c | 12 ++++++------
>  1 file changed, 6 insertions(+), 6 deletions(-)
> 

Reviewed-by: David Ahern <dsahern@...nel.org>

Thanks, Ido.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ