lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 25 Sep 2017 19:07:43 -0700
From:   Martin KaFai Lau <kafai@...com>
To:     Wei Wang <weiwan@...gle.com>
CC:     David Miller <davem@...emloft.net>,
        Linux Kernel Network Developers <netdev@...r.kernel.org>,
        Eric Dumazet <edumazet@...gle.com>
Subject: Re: [PATCH net] ipv6: remove incorrect WARN_ON() in fib6_del()

On Tue, Sep 26, 2017 at 01:16:05AM +0000, Wei Wang wrote:
> On Mon, Sep 25, 2017 at 5:56 PM, Martin KaFai Lau <kafai@...com> wrote:
> > On Mon, Sep 25, 2017 at 05:35:22PM +0000, Wei Wang wrote:
> >> From: Wei Wang <weiwan@...gle.com>
> >>
> >> fib6_del() generates WARN_ON() when rt->dst.obsolete > 0. This does not
> >> make sense because it is possible that the route passed in is already
> >> deleted by some other thread and rt->dst.obsolete is set to
> >> DST_OBSOLETE_DEAD.
> >> So this commit deletes this WARN_ON() and also remove the
> >> "#ifdef RT6_DEBUG >= 2" condition so that if the route is already
> >> obsolete, we return right at the beginning of fib6_del().
> >>
> >>
> >> diff --git a/net/ipv6/ip6_fib.c b/net/ipv6/ip6_fib.c
> >> index e5308d7cbd75..693bcd7ef6d2 100644
> >> --- a/net/ipv6/ip6_fib.c
> >> +++ b/net/ipv6/ip6_fib.c
> >> @@ -1592,13 +1592,7 @@ int fib6_del(struct rt6_info *rt, struct nl_info *info)
> >>       struct net *net = info->nl_net;
> >>       struct rt6_info **rtp;
> >>
> >> -#if RT6_DEBUG >= 2
> >> -     if (rt->dst.obsolete > 0) {
> >> -             WARN_ON(fn);
> > fn should have already been set to NULL if it is removed
> > from the fib6 tree?
> >
> 
> That is true. rt->rt6i_node (fn) should already be marked as NULL.
I am probably still missing something.

Considering the del operation should be under the writer lock,
if rt->rt6i_node should be NULL (for rt that has already been
removed from fib6), why this WARN_ON() is triggered?

An example may help.

> That means the check on rt->dst.obsolete is redundant.
> I will remove it in v2.
> Thanks Martin.
> 
> 
> >> -             return -ENOENT;
> >> -     }
> >> -#endif
> >> -     if (!fn || rt == net->ipv6.ip6_null_entry)
> >> +     if (!fn || rt->dst.obsolete > 0 || rt == net->ipv6.ip6_null_entry)
> >>               return -ENOENT;
> >>
> >>       WARN_ON(!(fn->fn_flags & RTN_RTINFO));
> >> --
> >> 2.14.1.821.g8fa685d3b7-goog
> >>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ