lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Thu,  9 Dec 2021 23:44:20 -0800
From:   Eric Dumazet <eric.dumazet@...il.com>
To:     "David S . Miller" <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>
Cc:     netdev <netdev@...r.kernel.org>,
        Eric Dumazet <edumazet@...gle.com>,
        Eric Dumazet <eric.dumazet@...il.com>
Subject: [PATCH V2 net-next 0/6] net: netns refcount tracking, base series

From: Eric Dumazet <edumazet@...gle.com>

We have 100+ syzbot reports about netns being dismantled too soon,
still unresolved as of today.

We think a missing get_net() or an extra put_net() is the root cause.

In order to find the bug(s), and be able to spot future ones,
this patch adds CONFIG_NET_NS_REFCNT_TRACKER and new helpers
to precisely pair all put_net() with corresponding get_net().

To use these helpers, each data structure owning a refcount
should also use a "netns_tracker" to pair the get() and put().

Small sections of codes where the get()/put() are in sight
do not need to have a tracker, because they are short lived,
but in theory it is also possible to declare an on-stack tracker.

v2: Include core networking patches only.

Eric Dumazet (6):
  net: add networking namespace refcount tracker
  net: add netns refcount tracker to struct sock
  net: add netns refcount tracker to struct seq_net_private
  net: sched: add netns refcount tracker to struct tcf_exts
  l2tp: add netns refcount tracker to l2tp_dfs_seq_data
  ppp: add netns refcount tracker

 drivers/net/ppp/ppp_generic.c |  5 +++--
 fs/proc/proc_net.c            | 19 ++++++++++++++++---
 include/linux/netdevice.h     |  9 +--------
 include/linux/seq_file_net.h  |  3 ++-
 include/net/net_namespace.h   | 34 ++++++++++++++++++++++++++++++++++
 include/net/net_trackers.h    | 18 ++++++++++++++++++
 include/net/pkt_cls.h         |  8 ++++++--
 include/net/sock.h            |  2 ++
 net/Kconfig.debug             |  9 +++++++++
 net/core/net_namespace.c      |  3 +++
 net/core/sock.c               |  6 +++---
 net/l2tp/l2tp_debugfs.c       |  9 +++++----
 12 files changed, 102 insertions(+), 23 deletions(-)
 create mode 100644 include/net/net_trackers.h

-- 
2.34.1.173.g76aa8bc2d0-goog

Powered by blists - more mailing lists