lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <4843F472.1000306@trash.net>
Date:	Mon, 02 Jun 2008 15:24:02 +0200
From:	Patrick McHardy <kaber@...sh.net>
To:	Jarek Poplawski <jarkao2@...il.com>
CC:	David Miller <davem@...emloft.net>,
	Eric Sesterhenn <snakebyte@....de>, netdev@...r.kernel.org
Subject: Re: [PATCH][NETFILTER]: fix inconsistent lock state in	nf_ct_frag6_gather()

Jarek Poplawski wrote:
> On Mon, Jun 02, 2008 at 12:43:42PM +0200, Patrick McHardy wrote:
>> Jarek Poplawski wrote:
>>> According to this and another similar lockdep report inet_fragment
>>> locks are taken from nf_ct_frag6_gather() with softirqs enabled, but
>>> these locks are mainly used in softirq context, so disabling BHs is
>>> necessary.
>> Yes, this can happen on the local output path,
>>
>>> David & Patrick,
>>>
>>> It looks like this patch could be applied.
>> Looks mostly fine, but don't we also have to disable BHs for
>> the inet_frag_find() call in nf_ct_frag6_gather()?
>>
> 
> Probably I miss something, but I think this patch seems to do it:
> I can see only one such call in nf_ct_frag6_gather() - with
> fq_find()?

Right, I missed that, sorry.

> BTW, it looks like this lockdep warning points at some other possible
> problem: inet_fragment.c uses an SMP "optimization" in
> inet_frag_intern(), probably assuming softirq context; so without such
> BH blocking around inet_frag_find(), there should be at least
> preemption disabled, but I don't know if it's a problem for nf_ct.

Yes, good catch. With your patch things should be fine however.

I've applied your patch and will also push it to -stable.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ