lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20100322065133.GG2517@linux.vnet.ibm.com> Date: Sun, 21 Mar 2010 23:51:33 -0700 From: "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com> To: Robert Olsson <robert@...julf.net> Cc: Andi Kleen <andi@...stfloor.org>, robert.olsson@....uu.se, netdev@...r.kernel.org Subject: Re: RCU problems in fib_table_insert On Mon, Mar 22, 2010 at 07:18:34AM +0100, Robert Olsson wrote: > > Seems like Paul and Eric fixed this problem... We use fib_trie with > major infrastructure but always disable preempt. It was unsafe w. > preempt at least before Jareks P. patches about a year ago. I havn't > tested w. preempt after that but maybe someone else have... Well, if some code path fails either to do rcu_read_lock() or to acquire RTNL, we will see lockdep splats. Though I must admit that I would be surprised if there wasn't more adjustment required in net/ipv4/fib_trie.c -- lots of rcu_dereference()s in there. Thanx, Paul > Cheers > --ro > > Andi Kleen writes: > > Hi, > > > > I got the following warning at boot with a 2.6.34-rc2ish git kernel > > with RCU debugging and preemption enabled. > > > > It seems the problem is that not all callers of fib_find_node > > call it with rcu_read_lock() to stabilize access to the fib. > > > > I tried to fix it, but especially for fib_table_insert() that's rather > > tricky: it does a lot of memory allocations and also route flushing and > > other blocking operations while assuming the original fa is RCU stable. > > > > I first tried to move some allocations to the beginning and keep > > preemption disabled in the rest, but it's difficult with all of them. > > No patch because of that. > > > > Does the fa need an additional reference count for this problem? > > Or perhaps some optimistic locking? > > > > -Andi > > > > > > ================================================== > > [ INFO: suspicious rcu_dereference_check() usage. ] > > --------------------------------------------------- > > /home/lsrc/git/linux-2.6/net/ipv4/fib_trie.c:964 invoked rcu_dereference_check() without protection! > > > > other info that might help us debug this: > > > > > > rcu_scheduler_active = 1, debug_locks = 0 > > 2 locks held by ip/4521: > > #0: (rtnl_mutex){+.+.+.}, at: [<ffffffff816466af>] rtnetlink_rcv+0x1f/0x40 > > #1: ((inetaddr_chain).rwsem){.+.+.+}, at: [<ffffffff8107cde7>] __blocking_notifier_call_chain+0x47/0x90 > > > > stack backtrace: > > Pid: 4521, comm: ip Not tainted 2.6.34-rc2 #5 > > Call Trace: > > [<ffffffff8108b7e9>] lockdep_rcu_dereference+0xb9/0xc0 > > [<ffffffff81696a05>] fib_find_node+0x185/0x1b0 > > [<ffffffff8101155f>] ? save_stack_trace+0x2f/0x50 > > [<ffffffff81699b1c>] fib_table_insert+0xdc/0xa90 > > [<ffffffff8107cde7>] ? __blocking_notifier_call_chain+0x47/0x90 > > [<ffffffff8108edb5>] ? __lock_acquire+0x1485/0x1d50 > > [<ffffffff816926b0>] fib_magic+0xc0/0xd0 > > [<ffffffff81692738>] fib_add_ifaddr+0x78/0x1a0 > > [<ffffffff81692e60>] fib_inetaddr_event+0x50/0x2a0 > > [<ffffffff8173152d>] notifier_call_chain+0x6d/0xb0 > > [<ffffffff8107cdfd>] __blocking_notifier_call_chain+0x5d/0x90 > > [<ffffffff8107ce46>] blocking_notifier_call_chain+0x16/0x20 > > [<ffffffff81688c0a>] __inet_insert_ifa+0xea/0x180 > > [<ffffffff8168971d>] inetdev_event+0x43d/0x490 > > [<ffffffff8173152d>] notifier_call_chain+0x6d/0xb0 > > [<ffffffff8107cb06>] raw_notifier_call_chain+0x16/0x20 > > [<ffffffff81639f00>] __dev_notify_flags+0x40/0xa0 > > [<ffffffff81639fa5>] dev_change_flags+0x45/0x70 > > [<ffffffff81645c2c>] do_setlink+0x2fc/0x4a0 > > [<ffffffff81294176>] ? nla_parse+0x36/0x110 > > [<ffffffff81646d54>] rtnl_newlink+0x444/0x540 > > [<ffffffff8108c44d>] ? mark_held_locks+0x6d/0x90 > > [<ffffffff8172b8c5>] ? mutex_lock_nested+0x335/0x3c0 > > [<ffffffff8164685e>] rtnetlink_rcv_msg+0x18e/0x240 > > [<ffffffff816466d0>] ? rtnetlink_rcv_msg+0x0/0x240 > > [<ffffffff816520b9>] netlink_rcv_skb+0x89/0xb0 > > [<ffffffff816466be>] rtnetlink_rcv+0x2e/0x40 > > [<ffffffff81651b6b>] ? netlink_unicast+0x11b/0x2f0 > > [<ffffffff81651d2c>] netlink_unicast+0x2dc/0x2f0 > > [<ffffffff81630a3c>] ? memcpy_fromiovec+0x7c/0xa0 > > [<ffffffff81652643>] netlink_sendmsg+0x1d3/0x2e0 > > [<ffffffff81624e20>] sock_sendmsg+0xc0/0xf0 > > [<ffffffff8108f9cd>] ? lock_release_non_nested+0x9d/0x340 > > [<ffffffff810fa33b>] ? might_fault+0x7b/0xd0 > > [<ffffffff810fa33b>] ? might_fault+0x7b/0xd0 > > [<ffffffff810fa386>] ? might_fault+0xc6/0xd0 > > [<ffffffff810fa33b>] ? might_fault+0x7b/0xd0 > > [<ffffffff81630bfc>] ? verify_iovec+0x4c/0xe0 > > [<ffffffff81625c3e>] sys_sendmsg+0x1ae/0x360 > > [<ffffffff810fadf9>] ? __do_fault+0x3f9/0x550 > > [<ffffffff810fd143>] ? handle_mm_fault+0x1a3/0x790 > > [<ffffffff8112cc77>] ? fget_light+0xe7/0x2f0 > > [<ffffffff8108c735>] ? trace_hardirqs_on_caller+0x135/0x180 > > [<ffffffff8172ccc2>] ? trace_hardirqs_on_thunk+0x3a/0x3f > > [<ffffffff810030db>] system_call_fastpath+0x16/0x1b > > > > > > > > > > > > -- > > ak@...ux.intel.com -- Speaking for myself only. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists