| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <a783f15a-5657-787e-fdbd-88f9e3645571@huawei.com>
Date: Mon, 9 Aug 2021 09:15:09 +0800
From: Kefeng Wang <wangkefeng.wang@...wei.com>
To: Greg KH <gregkh@...uxfoundation.org>,
Jakub Kicinski <kuba@...nel.org>
CC: <linux-kernel@...r.kernel.org>, <netdev@...r.kernel.org>,
<hannes@...essinduktion.org>, <davem@...emloft.net>,
<akpm@...ux-foundation.org>,
Daniel Borkmann <daniel@...earbox.net>,
"Eric Dumazet" <edumazet@...gle.com>,
Minmin chen <chenmingmin@...wei.com>
Subject: Re: [PATCH v2] once: Fix panic when module unload
On 2021/8/6 21:51, Greg KH wrote:
> On Fri, Aug 06, 2021 at 06:43:28AM -0700, Jakub Kicinski wrote:
>> On Fri, 6 Aug 2021 16:21:24 +0800 Kefeng Wang wrote:
>>> DO_ONCE
>>> DEFINE_STATIC_KEY_TRUE(___once_key);
>>> __do_once_done
>>> once_disable_jump(once_key);
>>> INIT_WORK(&w->work, once_deferred);
>>> struct once_work *w;
>>> w->key = key;
>>> schedule_work(&w->work); module unload
>>> //*the key is
>>> destroy*
>>> process_one_work
>>> once_deferred
>>> BUG_ON(!static_key_enabled(work->key));
>>> static_key_count((struct static_key *)x) //*access key, crash*
>>>
>>> When module uses DO_ONCE mechanism, it could crash due to the above
>>> concurrency problem, we could reproduce it with link[1].
>>>
>>> Fix it by add/put module refcount in the once work process.
>>>
>>> [1] https://lore.kernel.org/netdev/eaa6c371-465e-57eb-6be9-f4b16b9d7cbf@huawei.com/
>> Seems reasonable. Greg does it look good to you?
> Me? I was not paying attention to this at all, sorry...
>
>> I think we can take it thru networking since nobody cared to pick up v1.
Thanks all ;)
> Sure, I trust you :)
> .
>
Powered by blists - more mailing lists