lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 5 Oct 2015 07:58:36 -0400
From:	Jamal Hadi Salim <jhs@...atatu.com>
To:	Cong Wang <xiyou.wangcong@...il.com>, netdev@...r.kernel.org
Cc:	John Fastabend <john.fastabend@...il.com>,
	Cong Wang <cwang@...pensource.com>
Subject: Re: [Patch net] act_mirred: fix a race condition on mirred_list

Hi Cong,

I am wondering if making the bindcount or refcount atomic would help?
How does this bug get created? i.e the RTNL is still around.
Why is this specific to mirred only?

cheers,
jamal


On 10/01/15 14:37, Cong Wang wrote:
> After commit 1ce87720d456 ("net: sched: make cls_u32 lockless")
> we began to release tc actions in a RCU callback. However,
> mirred action relies on RTNL lock to protect the global
> mirred_list, therefore we could have a race condition
> between RCU callback and netdevice event, which caused
> a list corruption as reported by Vinson.
>
> Instead of relying on RTNL lock, introduce a spinlock to
> protect this list.
>
> Note, in non-bind case, it is still called with RTNL lock,
> therefore should disable BH too.
>
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists