lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 7 Dec 2020 17:20:15 -0800 From: Jakub Kicinski <kuba@...nel.org> To: Nikolay Aleksandrov <nikolay@...dia.com>, Joseph Huang <Joseph.Huang@...min.com> Cc: Roopa Prabhu <roopa@...dia.com>, "David S. Miller" <davem@...emloft.net>, <bridge@...ts.linux-foundation.org>, <netdev@...r.kernel.org>, <linux-kernel@...r.kernel.org> Subject: Re: [PATCH v3] bridge: Fix a deadlock when enabling multicast snooping On Sat, 5 Dec 2020 10:56:45 +0200 Nikolay Aleksandrov wrote: > On 05/12/2020 01:56, Joseph Huang wrote: > > When enabling multicast snooping, bridge module deadlocks on multicast_lock > > if 1) IPv6 is enabled, and 2) there is an existing querier on the same L2 > > network. > > > > The deadlock was caused by the following sequence: While holding the lock, > > br_multicast_open calls br_multicast_join_snoopers, which eventually causes > > IP stack to (attempt to) send out a Listener Report (in igmp6_join_group). > > Since the destination Ethernet address is a multicast address, br_dev_xmit > > feeds the packet back to the bridge via br_multicast_rcv, which in turn > > calls br_multicast_add_group, which then deadlocks on multicast_lock. > > > > The fix is to move the call br_multicast_join_snoopers outside of the > > critical section. This works since br_multicast_join_snoopers only deals > > with IP and does not modify any multicast data structures of the bridge, > > so there's no need to hold the lock. > > > > Steps to reproduce: > > 1. sysctl net.ipv6.conf.all.force_mld_version=1 > > 2. have another querier > > 3. ip link set dev bridge type bridge mcast_snooping 0 && \ > > ip link set dev bridge type bridge mcast_snooping 1 < deadlock > > > > > A typical call trace looks like the following: > > Fixes: 4effd28c1245 ("bridge: join all-snoopers multicast address") > > Signed-off-by: Joseph Huang <Joseph.Huang@...min.com> > > LGTM, thanks! > Acked-by: Nikolay Aleksandrov <nikolay@...dia.com> Applied, thank you!
Powered by blists - more mailing lists