lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1450039390.9768.30.camel@edumazet-glaptop2.roam.corp.google.com>
Date:	Sun, 13 Dec 2015 12:43:10 -0800
From:	Eric Dumazet <eric.dumazet@...il.com>
To:	Ben Hutchings <ben@...adent.org.uk>
Cc:	Luis Henriques <luis.henriques@...onical.com>,
	Eric Dumazet <edumazet@...gle.com>,
	Steffen Klassert <steffen.klassert@...unet.com>,
	"David S. Miller" <davem@...emloft.net>,
	linux-kernel@...r.kernel.org, stable@...r.kernel.org,
	kernel-team@...ts.ubuntu.com
Subject: Re: [PATCH 3.16.y-ckt 009/126] sit: fix sit0 percpu double
 allocations

On Sun, 2015-12-13 at 20:20 +0000, Ben Hutchings wrote:
> On Sun, 2015-12-13 at 18:54 +0000, Luis Henriques wrote:
> > On Sat, Dec 12, 2015 at 04:18:26AM +0000, Ben Hutchings wrote:
> > > On Wed, 2015-12-09 at 09:36 +0000, Luis Henriques wrote:
> > > > 3.16.7-ckt21 -stable review patch.  If anyone has any objections,
> > > > please let me know.
> > > > 
> > > > ------------------
> > > > 
> > > > From: Eric Dumazet <edumazet@...gle.com>
> > > > 
> > > > commit 4ece9009774596ee3df0acba65a324b7ea79387c upstream.
> > > > 
> > > > sit0 device allocates its percpu storage twice :
> > > > - One time in ipip6_tunnel_init()
> > > > - One time in ipip6_fb_tunnel_init()
> > > > 
> > > > Thus we leak 48 bytes per possible cpu per network namespace
> > > > dismantle.
> > > > 
> > > > ipip6_fb_tunnel_init() can be much simpler and does not
> > > > return an error, and should be called after register_netdev()
> > > [...]
> > > 
> > > Doesn't this introduce a race condition when sit is a module?  There
> > > seems to be nothing to prevent access to the partially initialised
> > > device after calling register_netdev(), if sit_init_net() is called
> > > during module loading rather than during namespace creation.
> > > 
> > 
> > This seems to be an upstream issue, not specific to the 3.16.y-ckt
> > stable kernel.  If that is the case, I guess I'll just keep this patch
> > and later apply the fix.  Or do you think this race is really likely
> > to be a worst problem than then issue the patch is trying to fix?
> 
> It seems worse than the problem being fixed.

1) Sorry Ben, I do not understand the problem you mention.
   What is a partially initialized device exactly ?

2) I have no idea why this patch is even backported to 3.16,
 since it is fixing a problem added in 3.18 :

# git describe --contains ebe084aafb7e
v3.18-rc5~22^2~42^2~1

If your 3.16 kernel survives this loop without consuming memory like
crazy, then the backport is not needed.

modprobe sit
while :
do
 ip netns add ns1
 ip netns delete ns1
done




--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ