Date:   Mon, 14 Jan 2019 12:29:38 -0600
From:   ebiederm@...ssion.com (Eric W. Biederman)
To:     zzoru <zzoru007@...il.com>
Cc:     Dmitry Vyukov <dvyukov@...gle.com>,
        Kirill Tkhai <ktkhai@...tuozzo.com>,
        "davem\@davemloft.net" <davem@...emloft.net>,
        Andrey Vagin <avagin@...tuozzo.com>,
        "dsahern\@gmail.com" <dsahern@...il.com>,
        "nicolas.dichtel\@6wind.com" <nicolas.dichtel@...nd.com>,
        "tyhicks\@canonical.com" <tyhicks@...onical.com>,
        "netdev\@vger.kernel.org" <netdev@...r.kernel.org>,
        "linux-kernel\@vger.kernel.org" <linux-kernel@...r.kernel.org>,
        "syzkaller\@googlegroups.com" <syzkaller@...glegroups.com>
Subject: Re: net/core: BUG in copy_net_ns()

zzoru <zzoru007@...il.com> writes:

> I think that it is exactly same to:
> https://groups.google.com/forum/#!searchin/linux.kernel/cleanup_net$20is$20slow%7Csort:date/linux.kernel/IMJ9OzonDSI/QH86oy1PAQAJ
> Already, patch was made, but maybe he forgot to push it.

That patch was made to address speed, and lifetime of network stack
objects.  At best it will make things go faster (a good thing), and
reduce the memory consumption during a test (another good thing).
The patch you point to will not correct your memory corruption.

So right now the best hypothesis seems to be Dmitry's idea that
there is a stack overflow causing corruption. You have a lot of stack
debugging already enabled but I don't see CONFIG_VMAP_STACK enabled
which might catch something ordinary stack overflow checking won't.

Any chance you can enable CONFIG_VMAP_STACK and see if it is stack
overflow?

With a little luck you will catch the stack overflow in the act and we
can see the problematic code path.

Eric
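
An added example, not part of the original message: a shell check that reports whether a kernel config has CONFIG_VMAP_STACK enabled and, if not, why it may not be selectable. It assumes the Kconfig rule of kernels from that period (`depends on HAVE_ARCH_VMAP_STACK && !KASAN`), which is not stated in the thread; the function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# kconfig_state FILE SYMBOL
# Prints y, m, n (explicit "is not set") or absent (symbol hidden by
# unmet dependencies, so Kconfig wrote no line for it at all).
kconfig_state() {
    file=$1 sym=$2
    if grep -q "^CONFIG_${sym}=y\$" "$file"; then echo y
    elif grep -q "^CONFIG_${sym}=m\$" "$file"; then echo m
    elif grep -q "^# CONFIG_${sym} is not set\$" "$file"; then echo n
    else echo absent
    fi
}

# vmap_stack_report FILE
# Prints one verdict: enabled, unsupported-arch, blocked-by-kasan, disabled.
# Assumption: VMAP_STACK depends on HAVE_ARCH_VMAP_STACK && !KASAN.
vmap_stack_report() {
    cfg=$1
    vmap=$(kconfig_state "$cfg" VMAP_STACK)
    arch=$(kconfig_state "$cfg" HAVE_ARCH_VMAP_STACK)
    kasan=$(kconfig_state "$cfg" KASAN)
    if [ "$vmap" = y ]; then
        echo enabled            # guard pages fault on overflow
    elif [ "$arch" != y ]; then
        echo unsupported-arch   # architecture cannot vmap stacks
    elif [ "$kasan" = y ]; then
        echo blocked-by-kasan   # KASAN must be turned off first
    else
        echo disabled           # selectable, just not turned on
    fi
}

# Constructed sample: KASAN-enabled config where VMAP_STACK is hidden,
# so no CONFIG_VMAP_STACK line appears.
sample_config() {
    cat <<'EOF'
CONFIG_HAVE_ARCH_VMAP_STACK=y
CONFIG_KASAN=y
CONFIG_DEBUG_STACKOVERFLOW=y
EOF
}

# Usage: sh check_vmap.sh /path/to/.config
if [ $# -gt 0 ]; then
    vmap_stack_report "$1"
fi
```

A `blocked-by-kasan` verdict means the test kernel has to be rebuilt without KASAN before the virtually mapped stack can be enabled.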
