lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 24 Mar 2020 12:30:41 +0000
From:   Taehee Yoo <ap420073@...il.com>
To:     davem@...emloft.net, kuba@...nel.org, gregkh@...uxfoundation.org,
        rafael@...nel.org, j.vosburgh@...il.com, vfalico@...il.com,
        andy@...yhouse.net, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org
Cc:     ap420073@...il.com, mitch.a.williams@...el.com
Subject: [PATCH net 0/3] net: core: avoid unexpected situation in namespace change routine

This patchset is to avoid an unexpected situation when an interface's
namespace is being changed.

When interface's namespace is being changed, dev_change_net_namespace()
is called. This removes and re-allocates many resources that include
sysfs files. The "/net/class/net/<interface name>" is one of them.
If the sysfs creation routine(device_rename()) found duplicate sysfs
file name, it warns about it and fails. But unfortunately, at that point,
dev_change_net_namespace() doesn't return fail because rollback cost
is too high.
So, the interface can't have a sysfs file.

The approach of this patchset is to find the duplicate sysfs file as
fast as possible. If it found that, dev_change_net_namespace() returns
fail immediately with zero rollback cost.

1. The first patch is to add class_find_and_get_file_ns() helper function.
That function will be used for checking the existence of duplicate
sysfs file.
2. The second patch is to add netdev_class_has_file_ns().
That function is to check whether duplicate sysfs file in
the "/sys/class/net*" using class_find_and_get_file_ns().
3. The last patch is to avoid an unexpected situation.
a) If duplicate sysfs is existing, it fails as fast as possible in
the dev_change_net_namespace()
b) Acquire rtnl_lock() in both bond_create_sysfs() and bond_destroy_sysfs()
to avoid race condition.
c) Do not remove "/sys/class/net/bonding_masters" sysfs file by
bond_destroy_sysfs() if the file wasn't created by bond_create_sysfs().

Test commands#1:
    ip netns add nst 
    ip link add bonding_masters type dummy
    modprobe bonding
    ip link set bonding_masters netns nst 

Test commands#2:
    ip link add bonding_masters type dummy
    ls /sys/class/net
    modprobe bonding
    modprobe -rv bonding
    ls /sys/class/net

After removing the bonding module, we can see the "bonding_masters"
interface's sysfs will be removed.
This is an unexpected situation.

Taehee Yoo (3):
  class: add class_find_and_get_file_ns() helper function
  net: core: add netdev_class_has_file_ns() helper function
  net: core: avoid warning in dev_change_net_namespace()

 drivers/base/class.c             | 12 ++++++++++++
 drivers/net/bonding/bond_sysfs.c | 13 ++++++++++++-
 include/linux/device/class.h     |  4 +++-
 include/linux/netdevice.h        |  2 +-
 include/net/bonding.h            |  1 +
 net/core/dev.c                   |  4 ++++
 net/core/net-sysfs.c             | 13 +++++++++++++
 7 files changed, 46 insertions(+), 3 deletions(-)

-- 
2.17.1

Powered by blists - more mailing lists