lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <eb7bca34-2b6a-1140-b230-71f333b42807@gmail.com>
Date:   Mon, 25 Feb 2019 15:09:05 -0800
From:   Eric Dumazet <eric.dumazet@...il.com>
To:     Dmitry Safonov <dima@...sta.com>, linux-kernel@...r.kernel.org
Cc:     0x7f454c46@...il.com, "David S. Miller" <davem@...emloft.net>,
        Florian Westphal <fw@...len.de>,
        Hannes Frederic Sowa <hannes@...essinduktion.org>,
        netdev@...r.kernel.org
Subject: Re: [PATCH] rtnetlink: Synchronze net in rtnl_unregister()



On 02/25/2019 01:27 PM, Dmitry Safonov wrote:
> rtnl_unregister() unsets handler from table, which is protected
> by rtnl_lock or RCU. At this moment only dump handlers access the table
> with rcu_lock(). Every other user accesses under rtnl.
> 
> Callers may expect that rtnl_unregister() prevents any further handlers
> calls, alike rtnl_unregister_all(). And they do expect it.
> 
> I've looked on in-tree caller uses:
> br_mdb: safe, but in err-path br_netlink_init()
> fib_rules: safe - err-path is very early in __init
> ip6mr: safe - following unregister_pernet_subsys() calls internally rcu_barrier()
> qrtr: safe - following sock_unregister() calls internally synchronize_rcu()

If rcu_barrier() was needed, then all callers should use it.

If synchronize_rcu() was needed, then all callers should use it.

But mixing is probably wrong.

> 
> While it's possible to document that rtnl_unregister() requires
> synchronize_net() afterwards - unlike rtnl_unregister_all(), I believe
> the module exit is very much slow-path.

rtnl_unregister_all() needs the sychronize_rcu() at this moment
because of the kfree(tab), not because of the kfree_rcu(link, rcu);

> 
> Issue seems to be very theoretical and unlikely, so I'm not Cc'ing
> stable tree.
> 
> Fixes: 6853dd488119 ("rtnetlink: protect handler table with rcu")
> Cc: "David S. Miller" <davem@...emloft.net>
> Cc: Florian Westphal <fw@...len.de>
> Cc: "Hannes Frederic Sowa" <hannes@...essinduktion.org>
> Cc: netdev@...r.kernel.org
> Signed-off-by: Dmitry Safonov <dima@...sta.com>
> ---
>  net/core/rtnetlink.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
> index 5ea1bed08ede..3db70da4f951 100644
> --- a/net/core/rtnetlink.c
> +++ b/net/core/rtnetlink.c
> @@ -308,7 +308,9 @@ int rtnl_unregister(int protocol, int msgtype)
>  	rcu_assign_pointer(tab[msgindex], NULL);
>  	rtnl_unlock();
>  
> -	kfree_rcu(link, rcu);
> +	synchronize_net();
> +
> +	kfree(link);


I really do not see a difference here (other than this being much slower of course)

If the caller needs rcu_barrier(), then add it in the caller ?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ