lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <d0c9367d71860bf7c5439511e5f45bd05286d40a.camel@redhat.com>
Date:   Mon, 01 Jun 2020 20:49:14 +0200
From:   Davide Caratti <dcaratti@...hat.com>
To:     David Miller <davem@...emloft.net>, xiyou.wangcong@...il.com
Cc:     jhs@...atatu.com, Po.Liu@....com, netdev@...r.kernel.org,
        ivecera@...hat.com
Subject: Re: [PATCH net-next] net/sched: fix a couple of splats in the
 error path of tfc_gate_init()

On Mon, 2020-06-01 at 11:37 -0700, David Miller wrote:
> From: Davide Caratti <dcaratti@...hat.com>
> Date: Fri, 29 May 2020 00:05:32 +0200
> 
> > trying to configure TC 'act_gate' rules with invalid control actions, the
> > following splat can be observed:
> > 
> >  general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] SMP KASAN NOPTI
> >  KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]
> >  CPU: 1 PID: 2143 Comm: tc Not tainted 5.7.0-rc6+ #168
> >  Hardware name: Red Hat KVM, BIOS 1.11.1-4.module+el8.1.0+4066+0f1aadab 04/01/2014
> >  RIP: 0010:hrtimer_active+0x56/0x290
> >  [...]
> >   Call Trace:
> >   hrtimer_try_to_cancel+0x6d/0x330
>  ...
> > this is caused by hrtimer_cancel(), running before hrtimer_init(). Fix it
> > ensuring to call hrtimer_cancel() only if clockid is valid, and the timer
> > has been initialized. After fixing this splat, the same error path causes
> > another problem:
[...]

> Applied, thanks.

hello Dave,

for this patch I will probably need to send a follow-up, because
the TC action overwrite case probably has still some issues [1] [2].
I can do that targeting the 'net' tree, unless Po or Cong have some
objections.

Ok?

thank you in advance,
-- 
davide


[1] https://lore.kernel.org/netdev/CAM_iQpVesOZ0kQ2OWHss1kG3O5tvYUYETK4A3LW9doH5ZFQjmw@mail.gmail.com/ 
[2] https://lore.kernel.org/netdev/696c630f8c72f2a6a0674b69921fd500f1d5d4d1.camel@redhat.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ