lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <4EFFA8C2.9040708@gmail.com> Date: Sun, 01 Jan 2012 01:28:50 +0100 From: Nicolas de Pesloüan <nicolas.2p.debian@...il.com> To: Stephen Hemminger <shemminger@...tta.com> CC: David Miller <davem@...emloft.net>, Jay Vosburgh <fubar@...ibm.com>, Andy Gospodarek <andy@...yhouse.net>, netdev@...r.kernel.org Subject: Re: [PATCH] bonding: fix error handling if slave is busy (v2) Le 01/01/2012 01:13, Stephen Hemminger a écrit : > On Sun, 01 Jan 2012 01:09:50 +0100 > Nicolas de Pesloüan<nicolas.2p.debian@...il.com> wrote: > >> Le 01/01/2012 00:26, Stephen Hemminger a écrit : >>> If slave device already has a receive handler registered, then the >>> error unwind of bonding device enslave function is broken. >>> >>> The following will leave a pointer to freed memory in the slave >>> device list, causing a later kernel panic. >>> # modprobe dummy >>> # ip li add dummy0-1 link dummy0 type macvlan >>> # modprobe bonding >>> # echo +dummy0>/sys/class/net/bond0/bonding/slaves >>> >>> The fix is to detach the slave (which removes it from the list) >>> in the unwind path. >>> >>> Signed-off-by: Stephen Hemminger<shemminger@...tta.com> >> >> Thanks Stephen. >> >> Reviewed-by: Nicolas de Pesloüan<nicolas.2p.debian@...e.fr> > > The locking in bond driver is a tangled web. > > Would be cleaner to get rid of bond->lock altogether. > Slave add/delete should be protected by RTNL, and the lookup should > be converted to RCU. The problem is that bonding driver implements > own form of circular list to handle round-robin etc. Bonding has become an incredibly complex thing, due to the large number of corner cases it needs to handle. And the locking system in probably part of the problem. Unfortunately, I'm far from a Linux locking specialist, so I cannot comment on this... I just noticed that searching for RTNL in Documentations yields no result... :-( Nicolas. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists