Date:   Thu, 6 May 2021 21:26:26 +0900
From:   Taehee Yoo <ap420073@...il.com>
To:     Cong Wang <xiyou.wangcong@...il.com>, netdev@...r.kernel.org
Cc:     Cong Wang <cong.wang@...edance.com>,
        syzbot+7d941e89dd48bcf42573@...kaller.appspotmail.com
Subject: Re: [Patch net] rtnetlink: use rwsem to protect rtnl_af_ops list

On 5/6/21 8:36 AM, Cong Wang wrote:
 > From: Cong Wang <cong.wang@...edance.com>
 >

Hi Cong,
Thank you so much for fixing it!

 > We use RTNL lock and RCU read lock to protect the global
 > list rtnl_af_ops, however, this forces the af_ops readers
 > being in atomic context while iterating this list,
 > particularly af_ops->set_link_af(). This was not a problem
 > until we begin to take mutex lock down the path in
 > __ipv6_dev_mc_dec().
 >
 > Convert RTNL+RCU to rwsemaphore, so that we can block on
 > the reader side while still allowing parallel readers.
 >
 > Reported-and-tested-by: syzbot+7d941e89dd48bcf42573@...kaller.appspotmail.com
 > Fixes: 63ed8de4be81 ("mld: add mc_lock for protecting per-interface mld data")
 > Cc: Taehee Yoo <ap420073@...il.com>
 > Signed-off-by: Cong Wang <cong.wang@...edance.com>

I have been testing this patch and I found a warning:
[ 8410.605309] BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1352
[ 8410.607508] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 6626, name: ip
[ 8410.609507] INFO: lockdep is turned off.
[ 8410.610644] CPU: 5 PID: 6626 Comm: ip Tainted: G        W 5.12.0+ #881
[ 8410.614943] Call Trace:
[ 8410.615714]  dump_stack+0xa4/0xe5
[ 8410.616692]  ___might_sleep.cold.126+0x140/0x16e
[ 8410.617958]  down_read+0x7b/0x710
[ 8410.618914]  ? lock_release+0x519/0xc30
[ 8410.620005]  ? down_write_killable+0x3b0/0x3b0
[ 8410.621231]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 8410.622647]  ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 8410.624055]  if_nlmsg_size+0x2b2/0x870
[ 8410.625101]  rtnl_calcit.isra.34+0x1db/0x370
[ 8410.626317]  ? if_nlmsg_size+0x870/0x870
[ 8410.627412]  ? lock_release+0x519/0xc30
[ 8410.628497]  ? rtnl_fill_ifinfo+0x3990/0x3990
[ 8410.629716]  rtnetlink_rcv_msg+0x7cf/0x920
[ 8410.630905]  ? rtnetlink_put_metrics+0x450/0x450
[ 8410.632174]  ? lock_release+0x519/0xc30
[ 8410.633271]  ? lock_acquire+0x2a5/0x720
[ 8410.634371]  netlink_rcv_skb+0x121/0x350
[ 8410.635485]  ? rtnetlink_put_metrics+0x450/0x450
[ 8410.636729]  ? slab_post_alloc_hook+0x43/0x430
[ 8410.637993]  ? netlink_ack+0x9d0/0x9d0
[ 8410.639073]  ? _copy_from_iter_full+0x258/0xeb0
[ 8410.640338]  netlink_unicast+0x41c/0x610
[ 8410.641477]  ? netlink_attachskb+0x710/0x710
[ 8410.642624]  ? try_charge+0x2d1/0xfd0
[ 8410.643684]  ? trace_hardirqs_on+0x41/0x120
[ 8410.644859]  netlink_sendmsg+0x6b9/0xb70
[ 8410.645983]  ? netlink_unicast+0x610/0x610
[ 8410.647136]  ? sockfd_lookup_light+0x1c/0x150
[ 8410.648350]  __sys_sendto+0x30b/0x350
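
A small triage helper for this kind of splat, added here as an example and not part of the original message or the kernel tree: it extracts the reported source location, the atomic state, and the reliable call chain, skipping the frames the unwinder marks with `?` as unverified. The function name `triage` and the shortened sample log are constructed for illustration.

```python
import re

# Constructed sample: a shortened copy of the splat quoted in the message above.
SAMPLE = """\
[ 8410.605309] BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1352
[ 8410.607508] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 6626, name: ip
[ 8410.614943] Call Trace:
[ 8410.615714]  dump_stack+0xa4/0xe5
[ 8410.616692]  ___might_sleep.cold.126+0x140/0x16e
[ 8410.617958]  down_read+0x7b/0x710
[ 8410.618914]  ? lock_release+0x519/0xc30
[ 8410.624055]  if_nlmsg_size+0x2b2/0x870
[ 8410.625101]  rtnl_calcit.isra.34+0x1db/0x370
[ 8410.628497]  ? rtnl_fill_ifinfo+0x3990/0x3990
[ 8410.629716]  rtnetlink_rcv_msg+0x7cf/0x920
"""

HEAD = re.compile(r"BUG: sleeping function called from invalid context at (\S+):(\d+)")
STATE = re.compile(r"in_atomic\(\): (\d+), irqs_disabled\(\): (\d+)")
FRAME = re.compile(r"^\[\s*\d+\.\d+\]\s+(\?\s+)?([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+\s*$")
# Frames that belong to the report itself, not to the offending call chain.
REPORTING = ("dump_stack", "___might_sleep", "__might_sleep")

def triage(log):
    """Return the check site, atomic state and reliable call chain of a might_sleep splat."""
    out = {"site": None, "in_atomic": None, "irqs_disabled": None, "chain": []}
    in_trace = False
    for line in log.splitlines():
        if (m := HEAD.search(line)):
            out["site"] = (m.group(1), int(m.group(2)))
        elif (m := STATE.search(line)):
            out["in_atomic"] = m.group(1) != "0"
            out["irqs_disabled"] = m.group(2) != "0"
        elif "Call Trace:" in line:
            in_trace = True
        elif in_trace and (m := FRAME.match(line)):
            unreliable, symbol = m.group(1), m.group(2)
            name = symbol.split(".")[0]  # drop compiler suffixes (.cold.126, .isra.34)
            if not unreliable and name not in REPORTING:
                out["chain"].append(name)
    return out

if __name__ == "__main__":
    print(triage(SAMPLE))
```

The first entry of `chain` is the sleeping primitive and the second is the caller that reached it while `in_atomic()` was non-zero, which is where review of the locking change should start.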
