lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 5 Jul 2021 13:58:50 +0200
From:   Steffen Klassert <steffen.klassert@...unet.com>
To:     Frederic Weisbecker <frederic@...nel.org>
CC:     LKML <linux-kernel@...r.kernel.org>,
        Peter Zijlstra <peterz@...radead.org>,
        "David S . Miller" <davem@...emloft.net>,
        "Ahmed S . Darwish" <a.darwish@...utronix.de>,
        <stable@...r.kernel.org>, Varad Gautam <varad.gautam@...e.com>,
        Herbert Xu <herbert@...dor.apana.org.au>,
        <netdev@...r.kernel.org>
Subject: Re: [PATCH] xfrm: Fix RCU vs hash_resize_mutex lock inversion

On Wed, Jun 30, 2021 at 08:57:53AM +0200, Steffen Klassert wrote:
> On Mon, Jun 28, 2021 at 03:34:28PM +0200, Frederic Weisbecker wrote:
> > xfrm_bydst_resize() calls synchronize_rcu() while holding
> > hash_resize_mutex. But then on PREEMPT_RT configurations,
> > xfrm_policy_lookup_bytype() may acquire that mutex while running in an
> > RCU read side critical section. This results in a deadlock.
> > 
> > In fact the scope of hash_resize_mutex is way beyond the purpose of
> > xfrm_policy_lookup_bytype() to just fetch a coherent and stable policy
> > for a given destination/direction, along with other details.
> > 
> > The lower level net->xfrm.xfrm_policy_lock, which among other things
> > protects per destination/direction references to policy entries, is
> > enough to serialize and benefit from priority inheritance against the
> > write side. As a bonus, it makes it officially a per network namespace
> > synchronization business where a policy table resize on namespace A
> > shouldn't block a policy lookup on namespace B.
> > 
> > Fixes: 77cc278f7b20 (xfrm: policy: Use sequence counters with associated lock)
> > Cc: stable@...r.kernel.org
> > Cc: Ahmed S. Darwish <a.darwish@...utronix.de>
> > Cc: Peter Zijlstra (Intel) <peterz@...radead.org>
> > Cc: Varad Gautam <varad.gautam@...e.com>
> > Cc: Steffen Klassert <steffen.klassert@...unet.com>
> > Cc: Herbert Xu <herbert@...dor.apana.org.au>
> > Cc: David S. Miller <davem@...emloft.net>
> > Signed-off-by: Frederic Weisbecker <frederic@...nel.org>
> 
> Your patch has a conflicht with ("commit d7b0408934c7 xfrm: policy: Read
> seqcount outside of rcu-read side in xfrm_policy_lookup_bytype")
> from Varad. Can you please rebase onto the ipsec tree?

This patch is now applied to the ipsec tree (on top of the
revert of commit d7b0408934c7).

Thanks everyone!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ