lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 14 Aug 2018 17:08:44 -0700
From:   Roman Gushchin <guro@...com>
To:     Alexei Starovoitov <alexei.starovoitov@...il.com>
CC:     Yonghong Song <yhs@...com>, <ast@...com>, <daniel@...earbox.net>,
        <netdev@...r.kernel.org>, <kernel-team@...com>
Subject: Re: [PATCH bpf] bpf: fix a rcu usage warning in
 bpf_prog_array_copy_core()

On Tue, Aug 14, 2018 at 04:59:45PM -0700, Alexei Starovoitov wrote:
> On Tue, Aug 14, 2018 at 11:01:12AM -0700, Yonghong Song wrote:
> > Commit 394e40a29788 ("bpf: extend bpf_prog_array to store pointers
> > to the cgroup storage") refactored the bpf_prog_array_copy_core()
> > to accommodate new structure bpf_prog_array_item which contains
> > bpf_prog array itself.
> > 
> > In the old code, we had
> >    perf_event_query_prog_array():
> >      mutex_lock(...)
> >      bpf_prog_array_copy_call():
> >        prog = rcu_dereference_check(array, 1)->progs
> >        bpf_prog_array_copy_core(prog, ...)
> >      mutex_unlock(...)
> > 
> > With the above commit, we had
> >    perf_event_query_prog_array():
> >      mutex_lock(...)
> >      bpf_prog_array_copy_call():
> >        bpf_prog_array_copy_core(array, ...):
> >          item = rcu_dereference(array)->items;
> >          ...
> >      mutex_unlock(...)
> > 
> > The new code will trigger a lockdep rcu checking warning.
> > The fix is to change rcu_dereference() to rcu_dereference_check()
> > to prevent such a warning.
> > 
> > Reported-by: syzbot+6e72317008eef84a216b@...kaller.appspotmail.com
> > Fixes: 394e40a29788 ("bpf: extend bpf_prog_array to store pointers to the cgroup storage")
> > Cc: Roman Gushchin <guro@...com>
> > Signed-off-by: Yonghong Song <yhs@...com>
> 
> makes sense to me
> Acked-by: Alexei Starovoitov <ast@...nel.org>
> 
> Roman, would you agree?
> 

rcu_dereference_check(<>, 1) always looks a bit strange to me,
but if it's the only reasonable way to silence the warning,
of course I'm fine with it.

Thanks!

Powered by blists - more mailing lists