lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <20130215.154122.2016353281507345149.davem@davemloft.net>
Date:	Fri, 15 Feb 2013 15:41:22 -0500 (EST)
From:	David Miller <davem@...emloft.net>
To:	paul.gortmaker@...driver.com
Cc:	netdev@...r.kernel.org, erik.hugne@...csson.com
Subject: Re: [PATCH net] tipc: fix missing spinlock init in broadcast code

From: Paul Gortmaker <paul.gortmaker@...driver.com>
Date: Thu, 14 Feb 2013 19:43:33 -0500

> From: Erik Hugne <erik.hugne@...csson.com>
> 
> After commit 3c294cb3 "tipc: remove the bearer congestion mechanism",
> we try to grab the broadcast bearer lock when sending multicast
> messages over the broadcast link. This will cause an oops because
> the lock is never initialized. This is an old bug, but the lock
> was never actually used before commit 3c294cb3, so that why it was
> not visible until now.  The oops will look something like:
> 
> 	BUG: spinlock bad magic on CPU#2, daemon/147
> 	lock: bcast_bearer+0x48/0xffffffffffffd19a [tipc],
> 	.magic: 00000000, .owner: <none>/-1, .owner_cpu: 0
> 	Pid: 147, comm: daemon Not tainted 3.8.0-rc3+ #206
> 	Call Trace:
> 	spin_dump+0x8a/0x8f
> 	spin_bug+0x21/0x26
> 	do_raw_spin_lock+0x114/0x150
> 	_raw_spin_lock_bh+0x19/0x20
> 	tipc_bearer_blocked+0x1f/0x40 [tipc]
> 	tipc_link_send_buf+0x82/0x280 [tipc]
> 	? __alloc_skb+0x9f/0x2b0
> 	tipc_bclink_send_msg+0x77/0xa0 [tipc]
> 	tipc_multicast+0x11b/0x1b0 [tipc]
> 	send_msg+0x225/0x530 [tipc]
> 	sock_sendmsg+0xca/0xe0
> 
> The above can be triggered by running the multicast demo program.
> 
> Signed-off-by: Erik Hugne <erik.hugne@...csson.com>
> Signed-off-by: Paul Gortmaker <paul.gortmaker@...driver.com>

Applied, thanks.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ