lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 27 Apr 2017 18:38:54 -0400
From:   Paul Moore <paul@...l-moore.com>
To:     Cong Wang <xiyou.wangcong@...il.com>
Cc:     LKML <linux-kernel@...r.kernel.org>
Subject: Re: Boot regression caused by kauditd

On Thu, Apr 27, 2017 at 5:45 PM, Cong Wang <xiyou.wangcong@...il.com> wrote:
> On Thu, Apr 27, 2017 at 2:35 PM, Cong Wang <xiyou.wangcong@...il.com> wrote:
>> On Thu, Apr 27, 2017 at 1:31 PM, Cong Wang <xiyou.wangcong@...il.com> wrote:
>>> On Wed, Apr 26, 2017 at 2:20 PM, Paul Moore <paul@...l-moore.com> wrote:
>>>> Thanks for the report, this is the only one like it that I've seen.
>>>> I'm looking at the code in Linus' tree and I'm not seeing anything
>>>> obvious ... looking at the trace above it appears that the problem is
>>>> when get_net() goes to bump the refcount and the passed net pointer is
>>>> NULL; unless I'm missing something, the only way this would happen in
>>>> kauditd_thread() is if the auditd_conn.pid value is non-zero but the
>>>> auditd_conn.net pointer is NULL.
>>>>
>>>> That shouldn't happen.
>>>>
>>>
>>> Looking at the code that reads/writes the global auditd_conn,
>>> I don't see how it even works with RCU+spinlock, RCU plays
>>> with pointers and you have to make a copy as its name implies.
>>> But it looks like you simply use RCU+spinlock as a traditional
>>> rwlock, it doesn't work.
>>
>> The attached patch seems working for me, I tried to boot my
>> VM for 4 times, so far no crash or warning.
>>
>
> Or even better, save a memory allocation for reset path...

I need to step away from my laptop for the evening so I can't give
this a proper review until tomorrow (sending patches as attachments
makes it difficult to review), but on quick glance I did notice a few
small things I would like to see changed.  However, since there is no
normal commit description and sign-off, I'm guessing you sent these
out as a suggestion and not a proper patch submission, yes/no?  If
that's the case, I'll work up a proper fix tomorrow and share it with
you for comment/review, but if you were planning on sending a proper
patch let me know and I'll wait until I see something in my inbox from
you.

-- 
paul moore
www.paul-moore.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ