lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Mon, 21 Oct 2019 20:57:50 -0700
From:   Eric Dumazet <eric.dumazet@...il.com>
To:     Hoang Le <hoang.h.le@...tech.com.au>,
        'Eric Dumazet' <eric.dumazet@...il.com>,
        jon.maloy@...csson.com, maloy@...jonn.com,
        tipc-discussion@...ts.sourceforge.net, netdev@...r.kernel.org
Subject: Re: [net-next] tipc: improve throughput between nodes in netns



On 10/21/19 8:33 PM, Hoang Le wrote:
> Hi Eric,
> 
> Thanks for quick feedback.
> See my inline answer.
> 
> Regards,
> Hoang
> -----Original Message-----
> From: Eric Dumazet <eric.dumazet@...il.com> 
> Sent: Tuesday, October 22, 2019 9:41 AM
> To: Hoang Le <hoang.h.le@...tech.com.au>; jon.maloy@...csson.com; maloy@...jonn.com; tipc-discussion@...ts.sourceforge.net; netdev@...r.kernel.org
> Subject: Re: [net-next] tipc: improve throughput between nodes in netns
> 
> 
> On 10/21/19 7:20 PM, Hoang Le wrote:
>>  	n->net = net;
>>  	n->capabilities = capabilities;
>> +	n->pnet = NULL;
>> +	for_each_net_rcu(tmp) {
> 
> This does not scale well, if say you have a thousand netns ?
> [Hoang] This check execs only once at setup step. So we get no problem with huge namespaces.
> 
>> +		tn_peer = net_generic(tmp, tipc_net_id);
>> +		if (!tn_peer)
>> +			continue;
>> +		/* Integrity checking whether node exists in namespace or not */
>> +		if (tn_peer->net_id != tn->net_id)
>> +			continue;
>> +		if (memcmp(peer_id, tn_peer->node_id, NODE_ID_LEN))
>> +			continue;
>> +
>> +		hash_chk = tn_peer->random;
>> +		hash_chk ^= net_hash_mix(&init_net);
> 
> Why the xor with net_hash_mix(&init_net) is needed ?
> [Hoang] We're trying to eliminate a sniff at injectable discovery message. 
> Building hash-mixes as much as possible is to prevent fake discovery messages.
> 
>> +		hash_chk ^= net_hash_mix(tmp);
>> +		if (hash_chk ^ hash_mixes)
>> +			continue;
>> +		n->pnet = tmp;
>> +		break;
>> +	}
> 
> 
> How can we set n->pnet without increasing netns ->count ?
> Using check_net() later might trigger an use-after-free.
> 
> [Hoang] In this case, peer node is down. I assume the tipc xmit function already bypassed these lines.
> 

I assume nothing. I prefer evidences :)

It seems that the netns could go down later, you need some
kind of notifier to be able to purge queues/objects having a pointer to a dismantling netns.

Keeping pointers without proper refcount (get_net() or maybe_get_net()) is a recipe for disasters.

Powered by blists - more mailing lists