lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 13 Jun 2022 07:02:39 -0400
From:   Paul Gortmaker <paul.gortmaker@...driver.com>
To:     Russell King <linux@...linux.org.uk>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc:     linux-kernel@...r.kernel.org
Subject: RFC: repeated insmod/rmmod and DEBUG_KOBJECT_RELEASE - do we care?

If a person has CONFIG_DEBUG_KOBJECT_RELEASE enabled, and runs a rather
questionable test suite doing a repeated modprobe followed by modprobe -r
it will eventually trigger a duplicate sysfs name warning:

[ 1427.032646] kobject: 'usbserial_generic' (00000000c91a1c2c): kobject_release, parent 00000000890627c7 (delayed 4000)
[...]
[ 1430.110659] kobject: 'usbserial_generic' (00000000a633d9a5): kobject_add_internal: parent: 'drivers', set: 'drivers'
[ 1430.110667] sysfs: cannot create duplicate filename '/bus/usb/drivers/usbserial_generic'
[ 1430.110671] CPU: 2 PID: 1102 Comm: modprobe Not tainted 5.15.38 #7
[ 1430.110678] Call Trace:
[ 1430.110685]  dump_stack_lvl+0x33/0x42
[ 1430.110693]  sysfs_warn_dup+0x51/0x60         <----------
[ 1430.110699]  sysfs_create_dir_ns+0xb8/0xd0

For context to lkml readers, CONFIG_DEBUG_KOBJECT_RELEASE inserts a
random delay of between 2 and 5 seconds before freeing a kobject.

In the above case, the free was delayed 4s by the DEBUG option, but we tried
to reconstruct the same sysfs entry in just 3s elapsed and hence it triggered
the namespace collision warning. 

I'm not convinced this warrants fixing, given the contrived nature of the
root only test, but I did at least want to get it on record, so maybe it
saves someone else some research time, given a similar report.

We could I guess, within the CONFIG_DEBUG_KOBJECT_RELEASE ifdef'd code use
kobject_rename() to add a "-zombie" suffix or something like that, but then
it might mask name space collisions people *do* want to see?

As per above it was seen with usb-serial, but I suspect any driver with a
sysfs kobject could reproduce the issue.  I also didn't reproduce on the
latest kernel but I can't imagine anything has changed in this area.

Paul.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ