lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <8274d78a82cded2fc4459fad8c2db6a1b51d7891.camel@web.de>
Date: Sun, 18 May 2025 14:43:30 +0200
From: Bert Karwatzki <spasswolf@....de>
To: Jason Xing <kerneljasonxing@...il.com>
Cc: Johannes Berg <johannes@...solutions.net>,
 "linux-kernel@...r.kernel.org"	 <linux-kernel@...r.kernel.org>,
 "linux-next@...r.kernel.org"	 <linux-next@...r.kernel.org>,
 "llvm@...ts.linux.dev" <llvm@...ts.linux.dev>,  Thomas Gleixner
 <tglx@...utronix.de>, linux-wireless@...r.kernel.org, spasswolf@....de
Subject: Re: lockup and kernel panic in linux-next-202505{09,12} when
 compiled with clang

Am Sonntag, dem 18.05.2025 um 14:12 +0200 schrieb Bert Karwatzki:
> > > > 
> 
> I even tried this version of your patch, to keep the offset of skc_refcnt at 128,
> but it doesn't  work, either.
> 
> commit fca84c5cde713be480544a64ed6680afc3319670
> Author: Bert Karwatzki <spasswolf@....de>
> Date:   Sun May 18 13:32:36 2025 +0200
> 
>     include: net: sock: move skc_flags out of the union
>     
>     Signed-off-by: Bert Karwatzki <spasswolf@....de>
> 
> diff --git a/include/net/sock.h b/include/net/sock.h
> index 3e15d7105ad2..e73929a4da6e 100644
> --- a/include/net/sock.h
> +++ b/include/net/sock.h
> @@ -195,7 +195,6 @@ struct sock_common {
>  	 * for different kind of 'sockets'
>  	 */
>  	union {
> -		unsigned long	skc_flags;
>  		struct sock	*skc_listener; /* request_sock */
>  		struct inet_timewait_death_row *skc_tw_dr; /* inet_timewait_sock */
>  	};
> @@ -221,6 +220,9 @@ struct sock_common {
>  	};
>  
>  	refcount_t		skc_refcnt;
> +
> +	/* place skc_flags here to keep offset(struct sock, sk_refcnt) == 128 */
> +	unsigned long	skc_flags;
>  	/* private: */
>  	int                     skc_dontcopy_end[0];
>  	union {
> 

In the patch above I accidently put skc_flags in the part of struct sock_common
which does not get copied, but putting it below skc_dontcopy_end[0] does not work,
either:

diff --git a/include/net/sock.h b/include/net/sock.h
index 3e15d7105ad2..6d69753a205a 100644
--- a/include/net/sock.h
+++ b/include/net/sock.h
@@ -195,7 +195,6 @@ struct sock_common {
         * for different kind of 'sockets'
         */
        union {
-               unsigned long   skc_flags;
                struct sock     *skc_listener; /* request_sock */
                struct inet_timewait_death_row *skc_tw_dr; /* inet_timewait_sock */
        };
@@ -221,8 +220,12 @@ struct sock_common {
        };
 
        refcount_t              skc_refcnt;
+
        /* private: */
        int                     skc_dontcopy_end[0];
+       /* place skc_flags here to keep offset(struct sock, sk_refcnt) == 128 
+        * Also place it below skc_dontcopy_end[0] */
+       unsigned long   skc_flags;
        union {
                u32             skc_rxhash;
                u32             skc_window_clamp;

This locks up as usual.

Bert Karwatzki

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ