lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20190524160340.169521-1-edumazet@google.com>
Date:   Fri, 24 May 2019 09:03:29 -0700
From:   Eric Dumazet <edumazet@...gle.com>
To:     "David S . Miller" <davem@...emloft.net>
Cc:     netdev <netdev@...r.kernel.org>,
        Eric Dumazet <edumazet@...gle.com>,
        Eric Dumazet <eric.dumazet@...il.com>
Subject: [PATCH net-next 00/11] inet: frags: avoid possible races at netns dismantle

This patch series fixes a race happening on netns dismantle with
frag queues. While rhashtable_free_and_destroy() is running,
concurrent timers might run inet_frag_kill() and attempt
rhashtable_remove_fast() calls. This is not allowed by
rhashtable logic.

Since I do not want to add expensive synchronize_rcu() calls
in the netns dismantle path, I had to no longer inline
netns_frags structures, but dynamically allocate them.

The ten first patches make this preparation, so that
the last patch clearly shows the fix.

As this patch series is not exactly trivial, I chose to
target 5.3. We will backport it once soaked a bit.

Eric Dumazet (11):
  inet: rename netns_frags to fqdir
  net: rename inet_frags_exit_net() to fqdir_exit()
  net: rename struct fqdir fields
  ipv4: no longer reference init_net in ip4_frags_ns_ctl_table[]
  ipv6: no longer reference init_net in ip6_frags_ns_ctl_table[]
  netfilter: ipv6: nf_defrag: no longer reference init_net in
    nf_ct_frag6_sysctl_table
  ieee820154: 6lowpan: no longer reference init_net in
    lowpan_frags_ns_ctl_table
  net: rename inet_frags_init_net() to fdir_init()
  net: add a net pointer to struct fqdir
  net: dynamically allocate fqdir structures
  inet: frags: rework rhashtable dismantle

 include/net/inet_frag.h                 | 48 ++++++++----
 include/net/netns/ieee802154_6lowpan.h  |  2 +-
 include/net/netns/ipv4.h                |  2 +-
 include/net/netns/ipv6.h                |  4 +-
 net/ieee802154/6lowpan/reassembly.c     | 36 ++++-----
 net/ipv4/inet_fragment.c                | 98 ++++++++++++++++---------
 net/ipv4/ip_fragment.c                  | 67 +++++++----------
 net/ipv4/proc.c                         |  4 +-
 net/ipv6/netfilter/nf_conntrack_reasm.c | 43 +++++------
 net/ipv6/proc.c                         |  4 +-
 net/ipv6/reassembly.c                   | 40 ++++------
 11 files changed, 181 insertions(+), 167 deletions(-)

-- 
2.22.0.rc1.257.g3120a18244-goog

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ