lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <9371a3ab-3637-4106-bee5-9280abb5f5ae@vrvis.at>
Date: Thu, 12 Sep 2024 12:58:46 +0200
From: Valentin Kleibel <valentin@...is.at>
To: Chun-Yi Lee <joeyli.kernel@...il.com>, Justin Sanders <justin@...aid.com>
Cc: Jens Axboe <axboe@...nel.dk>, Pavel Emelianov <xemul@...nvz.org>,
 Kirill Korotaev <dev@...nvz.org>, "David S . Miller" <davem@...emloft.net>,
 Nicolai Stange <nstange@...e.com>, Greg KH <gregkh@...uxfoundation.org>,
 linux-block@...r.kernel.org, linux-kernel@...r.kernel.org,
 Chun-Yi Lee <jlee@...e.com>
Subject: Re: [PATCH v2] aoe: fix the potential use-after-free problem in more
 places

> Then Nicolai Stange found more places in aoe have potential use-after-free
> problem with tx(). e.g. revalidate(), aoecmd_ata_rw(), resend(), probe()
> and aoecmd_cfg_rsp(). Those functions also use aoenet_xmit() to push
> packet to tx queue. So they should also use dev_hold() to increase the
> refcnt of skb->dev.

We've tested your patch on our servers and ran into an issue.
With heavy I/O load the aoe device had stale I/Os (e.g. rsync waiting 
indefinetly on one core) that can be "fixed" by running aoe-revalidate 
on that device.

Additionally when trying to shut down the system we see the message:
unregister_netdevice: waiting for XXX to become free. Usage Count = XXXXX
on aoe devices with a usage count somewhere in the millions.
This has been the same as without the patch, i assume the fix is still 
incomplete.

Thanks for your work,
Valentin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ