lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 27 Oct 2018 15:43:28 +0200
From:   Heiner Kallweit <hkallweit1@...il.com>
To:     Oleksandr Natalenko <oleksandr@...alenko.name>,
        Dave Taht <dave.taht@...il.com>,
        "David S. Miller" <davem@...emloft.net>
Cc:     Toke Høiland-Jørgensen <toke@...e.dk>,
        Jamal Hadi Salim <jhs@...atatu.com>,
        Cong Wang <xiyou.wangcong@...il.com>,
        Jiří Pírko <jiri@...nulli.us>,
        Linux Kernel Network Developers <netdev@...r.kernel.org>,
        linux-kernel@...r.kernel.org
Subject: Re: CAKE and r8169 cause panic on upload in v4.19

On 26.10.2018 22:54, Oleksandr Natalenko wrote:
> Hi.
> 
> On 26.10.2018 22:25, Dave Taht wrote:
>> Can you repeat your test, disabling gro splitting in cake?
>>
>> the option is "no-split-gso"
> 
> Still panics. Takes a couple of rounds, but panics.
> 
> Moreover, I've stressed my HTB setup like this too for a longer time, and it panics as well. So, at least, now I have a proof this is not a CAKE-specific thing.
> 
> Also, I've stressed it even with noqueue, and the panic is still there. So, this thing is not even sch-specific.
> 
> Next, I've seen GRO bits in the call trace and decided to disable GRO on this NIC. So far, I cannot trigger a panic with GRO disabled even after 20 rounds of speedtest.
> 
> So, must be some generic thing indeed.
> 
In net-next there's the following patch which mentions in the
description that it "eliminates spurious list pointer poisoning":
992cba7e276d ("net: Add and use skb_list_del_init().") 
And spurious list pointer poisoning is what we see here (IMO).

As an idea this patch and a8305bff6852 ("net: Add and use skb_mark_not_on_list().")
from net-next could be applied on top of 4.19. Would be curious
whether it fixes the issue.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ