| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <9371a3ab-3637-4106-bee5-9280abb5f5ae@vrvis.at> Date: Thu, 12 Sep 2024 12:58:46 +0200 From: Valentin Kleibel <valentin@...is.at> To: Chun-Yi Lee <joeyli.kernel@...il.com>, Justin Sanders <justin@...aid.com> Cc: Jens Axboe <axboe@...nel.dk>, Pavel Emelianov <xemul@...nvz.org>, Kirill Korotaev <dev@...nvz.org>, "David S . Miller" <davem@...emloft.net>, Nicolai Stange <nstange@...e.com>, Greg KH <gregkh@...uxfoundation.org>, linux-block@...r.kernel.org, linux-kernel@...r.kernel.org, Chun-Yi Lee <jlee@...e.com> Subject: Re: [PATCH v2] aoe: fix the potential use-after-free problem in more places > Then Nicolai Stange found more places in aoe have potential use-after-free > problem with tx(). e.g. revalidate(), aoecmd_ata_rw(), resend(), probe() > and aoecmd_cfg_rsp(). Those functions also use aoenet_xmit() to push > packet to tx queue. So they should also use dev_hold() to increase the > refcnt of skb->dev. We've tested your patch on our servers and ran into an issue. With heavy I/O load the aoe device had stale I/Os (e.g. rsync waiting indefinetly on one core) that can be "fixed" by running aoe-revalidate on that device. Additionally when trying to shut down the system we see the message: unregister_netdevice: waiting for XXX to become free. Usage Count = XXXXX on aoe devices with a usage count somewhere in the millions. This has been the same as without the patch, i assume the fix is still incomplete. Thanks for your work, Valentin
Powered by blists - more mailing lists