lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Tue, 6 Jul 2021 12:49:24 +0200
From:   Frederic Weisbecker <frederic@...nel.org>
To:     Steffen Klassert <steffen.klassert@...unet.com>
Cc:     LKML <linux-kernel@...r.kernel.org>,
        Peter Zijlstra <peterz@...radead.org>,
        "David S . Miller" <davem@...emloft.net>,
        "Ahmed S . Darwish" <a.darwish@...utronix.de>,
        stable@...r.kernel.org, Varad Gautam <varad.gautam@...e.com>,
        Herbert Xu <herbert@...dor.apana.org.au>,
        netdev@...r.kernel.org
Subject: Re: [PATCH] xfrm: Fix RCU vs hash_resize_mutex lock inversion

On Mon, Jul 05, 2021 at 01:58:50PM +0200, Steffen Klassert wrote:
> On Wed, Jun 30, 2021 at 08:57:53AM +0200, Steffen Klassert wrote:
> > On Mon, Jun 28, 2021 at 03:34:28PM +0200, Frederic Weisbecker wrote:
> > > xfrm_bydst_resize() calls synchronize_rcu() while holding
> > > hash_resize_mutex. But then on PREEMPT_RT configurations,
> > > xfrm_policy_lookup_bytype() may acquire that mutex while running in an
> > > RCU read side critical section. This results in a deadlock.
> > > 
> > > In fact the scope of hash_resize_mutex is way beyond the purpose of
> > > xfrm_policy_lookup_bytype() to just fetch a coherent and stable policy
> > > for a given destination/direction, along with other details.
> > > 
> > > The lower level net->xfrm.xfrm_policy_lock, which among other things
> > > protects per destination/direction references to policy entries, is
> > > enough to serialize and benefit from priority inheritance against the
> > > write side. As a bonus, it makes it officially a per network namespace
> > > synchronization business where a policy table resize on namespace A
> > > shouldn't block a policy lookup on namespace B.
> > > 
> > > Fixes: 77cc278f7b20 (xfrm: policy: Use sequence counters with associated lock)
> > > Cc: stable@...r.kernel.org
> > > Cc: Ahmed S. Darwish <a.darwish@...utronix.de>
> > > Cc: Peter Zijlstra (Intel) <peterz@...radead.org>
> > > Cc: Varad Gautam <varad.gautam@...e.com>
> > > Cc: Steffen Klassert <steffen.klassert@...unet.com>
> > > Cc: Herbert Xu <herbert@...dor.apana.org.au>
> > > Cc: David S. Miller <davem@...emloft.net>
> > > Signed-off-by: Frederic Weisbecker <frederic@...nel.org>
> > 
> > Your patch has a conflicht with ("commit d7b0408934c7 xfrm: policy: Read
> > seqcount outside of rcu-read side in xfrm_policy_lookup_bytype")
> > from Varad. Can you please rebase onto the ipsec tree?
> 
> This patch is now applied to the ipsec tree (on top of the
> revert of commit d7b0408934c7).
> 
> Thanks everyone!

Thanks a lot!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ