Message-ID: <1264782806.3184.42.camel@edumazet-laptop>
Date:	Fri, 29 Jan 2010 17:33:26 +0100
From:	Eric Dumazet <eric.dumazet@...il.com>
To:	Alexey Dobriyan <adobriyan@...il.com>
Cc:	Luca Tettamanti <kronos.it@...il.com>,
	linux-kernel@...r.kernel.org, netdev@...r.kernel.org,
	David Miller <davem@...emloft.net>
Subject: [PATCH] xfrm: Change initializations order in ipsec_pfkey_init()

On Friday, 29 January 2010 at 16:22 +0100, Eric Dumazet wrote:
> On Friday, 29 January 2010 at 12:17 +0200, Alexey Dobriyan wrote:
> > On Fri, Jan 29, 2010 at 11:48 AM, Luca Tettamanti <kronos.it@...il.com> wrote:
> > > with recent kernels I'm seeing this BUG - triggered by racoon - at boot:
> > >
> > > NET: Registered protocol family 15
> > > ------------[ cut here ]------------
> > > kernel BUG at /home/kronos/src/linux-2.6.git/include/net/netns/generic.h:43!
> > > invalid opcode: 0000 [#1] PREEMPT SMP
> > > last sysfs file: /sys/kernel/uevent_seqnum
> > > CPU 1
> > > Pid: 1941, comm: racoon Not tainted 2.6.33-rc5-00271-gbe8cde8-dirty #238 F3Sa      /F3Sa
> > > RIP: 0010:[<ffffffffa03035be>]  [<ffffffffa03035be>] pfkey_create+0x36/0x18b [af_key]
> > 
> > Does it trigger after a successful boot if you do
> > 
> >     rmmod af_key; modprobe af_key
> > 
> > a couple of times?
> > 
> > Post .config, just in case.
> 
> I am looking at ipsec_pfkey_init()
> 
> We call sock_register(&pfkey_family_ops) before pfkey_net_id is
> initialized (by the call to register_pernet_subsys(&pfkey_net_ops)).
> 
> As soon as sock_register(&pfkey_family_ops) is done, another thread can
> open a socket and call pfkey_create()  -> crash
> 
> We should change order of initializations somehow
> 

Something like this (compiled but not tested) patch?

Should probably be sent to stable team...

[PATCH] xfrm: Change initializations order in ipsec_pfkey_init()

Before allowing other threads to create PF_KEY sockets, we must make
sure pfkey_net_id is properly initialized.

That means calling register_pernet_subsys(&pfkey_net_ops) before 
sock_register(&pfkey_family_ops)

Reported-by: Luca Tettamanti <kronos.it@...il.com>
Signed-off-by: Eric Dumazet <eric.dumazet@...il.com>
---
 net/key/af_key.c |   15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/net/key/af_key.c b/net/key/af_key.c
index 76fa6fe..e399ddf 100644
--- a/net/key/af_key.c
+++ b/net/key/af_key.c
@@ -3807,21 +3807,24 @@ static int __init ipsec_pfkey_init(void)
 	if (err != 0)
 		goto out;
 
-	err = sock_register(&pfkey_family_ops);
-	if (err != 0)
-		goto out_unregister_key_proto;
 	err = xfrm_register_km(&pfkeyv2_mgr);
 	if (err != 0)
-		goto out_sock_unregister;
+		goto out_unregister_key_proto;
+
 	err = register_pernet_subsys(&pfkey_net_ops);
 	if (err != 0)
 		goto out_xfrm_unregister_km;
+
+	err = sock_register(&pfkey_family_ops);
+	if (err != 0)
+		goto out_unregister_pernet;
 out:
 	return err;
+
+out_unregister_pernet:
+	unregister_pernet_subsys(&pfkey_net_ops);
 out_xfrm_unregister_km:
 	xfrm_unregister_km(&pfkeyv2_mgr);
-out_sock_unregister:
-	sock_unregister(PF_KEY);
 out_unregister_key_proto:
 	proto_unregister(&key_proto);
 	goto out;
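
Review bot: in the reordered sequence, xfrm_register_km(&pfkeyv2_mgr) still runs before register_pernet_subsys(&pfkey_net_ops), so the key manager is registered while pfkey_net_id is not yet set; if any pfkeyv2_mgr callback reaches per-net data through pfkey_net_id, that path keeps the same window this patch closes for pfkey_create(). Consider registering the pernet subsystem first, then the key manager and the socket family, with the error labels unwound in the matching reverse order. The diffstat shows only this one hunk in ipsec_pfkey_init(), so the module exit path should be checked as well: sock_unregister(PF_KEY) needs to run before unregister_pernet_subsys(&pfkey_net_ops), otherwise a socket can still be created against per-net state that has already been torn down.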

