| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <5559BB63.8000309@yandex-team.ru> Date: Mon, 18 May 2015 13:13:55 +0300 From: Konstantin Khlebnikov <khlebnikov@...dex-team.ru> To: David Miller <davem@...emloft.net> CC: netdev@...r.kernel.org, maheshb@...gle.com, jbenc@...hat.com, hannes@...essinduktion.org Subject: Re: [PATCH 1/3] ipv6: make inet6addr_chain blocking and always call with rtnl locked On 17.05.2015 00:22, David Miller wrote: > From: Konstantin Khlebnikov <khlebnikov@...dex-team.ru> > Date: Thu, 14 May 2015 16:56:18 +0300 > >> Unlike to inetaddr_chain inet6addr_chain is atomic and called from bh >> context without rtnl when ipv6 receives router advertisement packet. >> >> Several drivers don't know about that: ipvlan thinks that it has rtnl >> here, ocrdma locks mutex inside callback. Probably there is more. >> >> This patch makes it blocking and calls from first stage of DAD work. >> Looks like this is completely safe and rtnl already locked here. >> >> Signed-off-by: Konstantin Khlebnikov <khlebnikov@...dex-team.ru> > > I don't see how you can make the inet6addr_chain blocking when it is > invoked from software interrupt context. > > You also cannot try to defer these operations to a workqueue or > similar to get into a blockable context, because various ipv6 > testsuites depend upon the addressing state change happening > when we process the packet that triggers that change. > > Instead, I think you have to make the users of inet6addr_chain > aware of the context in which they execute. > > Thanks. > I've defer only calls of inet6addr_notifier_call_chain. Ipv6 addresses still appears right in interrupt context. Ordering with netlink events RTM_NEWADDR/RTM_DELADDR stays the same: inet6addr_notifier_call_chain(NETDEV_UP, ifp); ipv6_ifa_notify(RTM_NEWADDR, ifp); ... ipv6_ifa_notify(RTM_DELADDR, ifp); inet6addr_notifier_call_chain(NETDEV_DOWN, ifp); As I see ipv6 always send RTM_NEWADDR from dad-work even for IFA_F_OPTIMISTIC addresses The only visible change is ordering with event RTM_NEWPREFIX. And another problem which my patch fixes. at this path: addrconf_prefix_rcv -> ipv6_add_addr -> inet6addr_notifier_call_chain inet6addr_notifier_call_chain called without any locks. Theoretically NETDEV_DOWN event could be delivered before NETDEV_UP if somebody removes that half-baked address right in that moment. -- Konstantin -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists