lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 18 Oct 2017 00:58:56 +0000 From: Chris Mi <chrism@...lanox.com> To: Cong Wang <xiyou.wangcong@...il.com> CC: Linux Kernel Network Developers <netdev@...r.kernel.org>, Jamal Hadi Salim <jhs@...atatu.com>, Lucas Bates <lucasb@...atatu.com>, Jiri Pirko <jiri@...nulli.us>, David Miller <davem@...emloft.net> Subject: RE: [patch net v3 2/4] net/sched: Use action array instead of action list as parameter > -----Original Message----- > From: Cong Wang [mailto:xiyou.wangcong@...il.com] > Sent: Wednesday, October 18, 2017 12:56 AM > To: Chris Mi <chrism@...lanox.com> > Cc: Linux Kernel Network Developers <netdev@...r.kernel.org>; Jamal Hadi > Salim <jhs@...atatu.com>; Lucas Bates <lucasb@...atatu.com>; Jiri Pirko > <jiri@...nulli.us>; David Miller <davem@...emloft.net> > Subject: Re: [patch net v3 2/4] net/sched: Use action array instead of action > list as parameter > > On Mon, Oct 16, 2017 at 6:20 PM, Chris Mi <chrism@...lanox.com> wrote: > > When destroying filters, actions should be destroyed first. > > The pointers of each action are saved in an array. TC doesn't use the > > array directly, but put all actions in a doubly linked list and use > > that list as parameter. > > > > There is no problem if each filter has its own actions. But if some > > filters share the same action, when these filters are destroyed, RCU > > callback fl_destroy_filter() may be called at the same time. That > > means the same action's 'struct list_head list' > > could be manipulated at the same time. It may point to an invalid > > address so that system will panic. > > So if we remove these RCU callbacks (by adding a sychronize_rcu) this is not a > problem, right? Maybe you are right. But do you think it will cause performance issue, I mean it takes longer time to destroy filters if using synchronize_rcu()? Or is there any other races than RCU callbacks? We haven't found them. This is the only one we found. > > > > > > This patch uses the action array directly to fix this issue. > > > > Fixes commit in pre-git era. > > > > Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") > > This is wrong too. RCU callbacks were introduced very late.
Powered by blists - more mailing lists