lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 26 Dec 2017 23:08:33 +0000
From:   alexander.levin@...izon.com
To:     Willy Tarreau <w@....eu>
CC:     Wei Wang <weiwan@...gle.com>, Martin KaFai Lau <kafai@...com>,
        "Eric Dumazet" <edumazet@...gle.com>,
        "David S. Miller" <davem@...emloft.net>,
        "Greg Kroah-Hartman" <gregkh@...uxfoundation.org>,
        Chris Rankin <rankincj@...il.com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "stable@...r.kernel.org" <stable@...r.kernel.org>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>
Subject: Re: BUG warnings in 4.14.9

On Tue, Dec 26, 2017 at 07:59:55PM +0100, Willy Tarreau wrote:
>Guys,
>
>Chris reported the bug below and confirmed that reverting commit
>9704f81 (ipv6: grab rt->rt6i_ref before allocating pcpu rt) seems to
>have fixed the issue for him. This patch is a94b9367 in mainline.
>
>I personally have no opinion on the patch, just found it because it
>was the only one touching this area between 4.14.8 and 4.14.9 :-)
>
>Should this be reverted or maybe fixed differently ?

Hi Willy,

This seems to be fixed upstream:

commit 951f788a80ff8b6339c5c1ab888b0d4b4352efd8
Author: Eric Dumazet <edumazet@...gle.com>
Date:   Sun Oct 8 21:07:18 2017 -0700

    ipv6: fix a BUG in rt6_get_pcpu_route()
    
    Ido reported following splat and provided a patch.
    
    [  122.221814] BUG: using smp_processor_id() in preemptible [00000000] code: sshd/2672
    [  122.221845] caller is debug_smp_processor_id+0x17/0x20
    [  122.221866] CPU: 0 PID: 2672 Comm: sshd Not tainted 4.14.0-rc3-idosch-next-custom #639
    [  122.221880] Hardware name: Mellanox Technologies Ltd. MSN2100-CB2FO/SA001017, BIOS 5.6.5 06/07/2016
    [  122.221893] Call Trace:
    [  122.221919]  dump_stack+0xb1/0x10c
    [  122.221946]  ? _atomic_dec_and_lock+0x124/0x124
    [  122.221974]  ? ___ratelimit+0xfe/0x240
    [  122.222020]  check_preemption_disabled+0x173/0x1b0
    [  122.222060]  debug_smp_processor_id+0x17/0x20
    [  122.222083]  ip6_pol_route+0x1482/0x24a0
    ...
    
    I believe we can simplify this code path a bit, since we no longer
    hold a read_lock and need to release it to avoid a dead lock.
    
    By disabling BH, we make sure we'll prevent code re-entry and
    rt6_get_pcpu_route()/rt6_make_pcpu_route() run on the same cpu.
    
    Fixes: 66f5d6ce53e6 ("ipv6: replace rwlock with rcu and spinlock in fib6_table")
    Reported-by: Ido Schimmel <idosch@...lanox.com>
    Signed-off-by: Eric Dumazet <edumazet@...gle.com>
    Tested-by: Ido Schimmel <idosch@...lanox.com>
    Signed-off-by: David S. Miller <davem@...emloft.net>

Which itself would depend on:

commit d3843fe5fd45be0e04a251a2cc68893c859a31bd
Author: Wei Wang <weiwan@...gle.com>
Date:   Fri Oct 6 12:06:06 2017 -0700

    ipv6: replace dst_hold() with dst_hold_safe() in routing code

Which applies with a small conflict.

-- 

Thanks,
Sasha

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ