Date:	Mon, 18 May 2015 13:13:55 +0300
From:	Konstantin Khlebnikov <khlebnikov@...dex-team.ru>
To:	David Miller <davem@...emloft.net>
CC:	netdev@...r.kernel.org, maheshb@...gle.com, jbenc@...hat.com,
	hannes@...essinduktion.org
Subject: Re: [PATCH 1/3] ipv6: make inet6addr_chain blocking and always call
 with rtnl locked

On 17.05.2015 00:22, David Miller wrote:
> From: Konstantin Khlebnikov <khlebnikov@...dex-team.ru>
> Date: Thu, 14 May 2015 16:56:18 +0300
>
>> Unlike inetaddr_chain, inet6addr_chain is atomic and called from bh
>> context without rtnl when ipv6 receives a router advertisement packet.
>>
>> Several drivers don't know about that: ipvlan thinks that it has rtnl
>> here, ocrdma locks a mutex inside the callback. Probably there are more.
>>
>> This patch makes it blocking and calls from first stage of DAD work.
>> Looks like this is completely safe and rtnl already locked here.
>>
>> Signed-off-by: Konstantin Khlebnikov <khlebnikov@...dex-team.ru>
>
> I don't see how you can make the inet6addr_chain blocking when it is
> invoked from software interrupt context.
>
> You also cannot try to defer these operations to a workqueue or
> similar to get into a blockable context, because various ipv6
> testsuites depend upon the addressing state change happening
> when we process the packet that triggers that change.
>
> Instead, I think you have to make the users of inet6addr_chain
> aware of the context in which they execute.
>
> Thanks.
>

I've deferred only the calls of inet6addr_notifier_call_chain.
IPv6 addresses still appear right in interrupt context.

Ordering with netlink events RTM_NEWADDR/RTM_DELADDR stays the same:

inet6addr_notifier_call_chain(NETDEV_UP, ifp);
ipv6_ifa_notify(RTM_NEWADDR, ifp);
...
ipv6_ifa_notify(RTM_DELADDR, ifp);
inet6addr_notifier_call_chain(NETDEV_DOWN, ifp);

As I see, ipv6 always sends RTM_NEWADDR from dad-work, even for
IFA_F_OPTIMISTIC addresses.

The only visible change is ordering with event RTM_NEWPREFIX.


And another problem which my patch fixes, at this path:
addrconf_prefix_rcv -> ipv6_add_addr -> inet6addr_notifier_call_chain

inet6addr_notifier_call_chain is called without any locks.
Theoretically, a NETDEV_DOWN event could be delivered before NETDEV_UP
if somebody removes that half-baked address right at that moment.

-- 
Konstantin