lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CAHTyZGzSzNXALjdRSK-a=29vRn=rNgKY3VD0pyhsa1pY5M4-KA@mail.gmail.com>
Date: Tue, 1 Oct 2024 16:39:32 +0200
From: ericnetdev dumazet <erdnetdev@...il.com>
To: Stefan Wiehler <stefan.wiehler@...ia.com>
Cc: Eric Dumazet <edumazet@...gle.com>, "David S . Miller" <davem@...emloft.net>, 
	David Ahern <dsahern@...nel.org>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, 
	netdev@...r.kernel.org, linux-kernel@...r.kernel.org, 
	Petr Malat <oss@...at.biz>
Subject: Re: [PATCH net v2] ip6mr: Fix lockdep and sparse RCU warnings

Le mar. 1 oct. 2024 à 16:36, Stefan Wiehler <stefan.wiehler@...ia.com> a écrit :
>
> > This could be a lockdep annotation error then, at least for
> > RT6_TABLE_DFLT, oh well.
>
> As you have already explained, we can ignore the ip6mr_vif_seq_start() error
> path, so the issue boils down to ip6mr_get_table() being called without
> entering a RCU read-side critical section from these 4 functions:
> ipmr_vif_seq_start(), ip6mr_ioctl(), ip6mr_compat_ioctl() and
> ip6mr_get_route(). It is my understanding that in none of these four cases the
> RTNL lock is held either; at least according to the RCU-lockdep splat we
> clearly see that this is not the case in ip6mr_ioctl()  – but please correct me
> if I'm wrong.
>
> > Note that net/ipv4/ipmr.c would have a similar issue.
>
> Yes, looks indeed like that :-/
>
> > Please split your patch in small units, their Fixes: tags are likely
> > different, and if some code breaks something,
> > fixing the issue will be easier.
> >
> > The changelog seemed to only address the first ip6mr_vif_seq_start() part.
>
> If you prefer that I can split the change into 4 commits addressing each of the
> 4 functions mentioned before.

Yes please. Extending rcu_read_lock() sections needs inspection,
because we can not sleep there.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ