| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 01 Dec 2015 15:45:29 -0500 (EST) From: David Miller <davem@...emloft.net> To: edumazet@...gle.com Cc: netdev@...r.kernel.org, dvyukov@...gle.com, hannes@...essinduktion.org, edumazet@...il.com Subject: Re: [PATCH net 2/2] net: fix sock_wake_async() rcu protection From: Eric Dumazet <edumazet@...gle.com> Date: Sun, 29 Nov 2015 20:03:11 -0800 > Dmitry provided a syzkaller (http://github.com/google/syzkaller) > triggering a fault in sock_wake_async() when async IO is requested. > > Said program stressed af_unix sockets, but the issue is generic > and should be addressed in core networking stack. > > The problem is that by the time sock_wake_async() is called, > we should not access the @flags field of 'struct socket', > as the inode containing this socket might be freed without > further notice, and without RCU grace period. > > We already maintain an RCU protected structure, "struct socket_wq" > so moving SOCKWQ_ASYNC_NOSPACE & SOCKWQ_ASYNC_WAITDATA into it > is the safe route. > > It also reduces number of cache lines needing dirtying, so might > provide a performance improvement anyway. > > In followup patches, we might move remaining flags (SOCK_NOSPACE, > SOCK_PASSCRED, SOCK_PASSSEC) to save 8 bytes and let 'struct socket' > being mostly read and let it being shared between cpus. > > Reported-by: Dmitry Vyukov <dvyukov@...gle.com> > Signed-off-by: Eric Dumazet <edumazet@...gle.com> Applied and queued up for -stable. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists