| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20220105230622.69436-1-kuniyu@amazon.co.jp>
Date: Thu, 6 Jan 2022 08:06:22 +0900
From: Kuniyuki Iwashima <kuniyu@...zon.co.jp>
To: <alexei.starovoitov@...il.com>
CC: <andrii@...nel.org>, <ast@...nel.org>, <benh@...zon.com>,
<bpf@...r.kernel.org>, <daniel@...earbox.net>, <kafai@...com>,
<kuni1840@...il.com>, <kuniyu@...zon.co.jp>,
<netdev@...r.kernel.org>
Subject: Re: [PATCH bpf-next 3/6] bpf: af_unix: Use batching algorithm in bpf unix iter.
From: Alexei Starovoitov <alexei.starovoitov@...il.com>
Date: Wed, 5 Jan 2022 14:22:38 -0800
> On Mon, Jan 3, 2022 at 5:33 PM Kuniyuki Iwashima <kuniyu@...zon.co.jp> wrote:
> >
> > The commit 04c7820b776f ("bpf: tcp: Bpf iter batching and lock_sock")
> > introduces the batching algorithm to iterate TCP sockets with more
> > consistency.
> >
> > This patch uses the same algorithm to iterate AF_UNIX sockets.
> >
> > Signed-off-by: Kuniyuki Iwashima <kuniyu@...zon.co.jp>
>
> There is something wrong in this patch:
>
> ./test_progs -t bpf_iter_setsockopt_unix
> [ 14.993474] bpf_testmod: loading out-of-tree module taints kernel.
> [ 15.068986]
> [ 15.069203] =====================================
> [ 15.069698] WARNING: bad unlock balance detected!
> [ 15.070187] 5.16.0-rc7-01992-g15d8ab86952d #3780 Tainted: G O
> [ 15.070937] -------------------------------------
> [ 15.071441] test_progs/1438 is trying to release lock
> (&unix_table_locks[i]) at:
> [ 15.072209] [<ffffffff831b7ae9>] unix_next_socket+0x169/0x460
> [ 15.072825] but there are no more locks to release!
> [ 15.073329]
> [ 15.073329] other info that might help us debug this:
> [ 15.074004] 1 lock held by test_progs/1438:
> [ 15.074441] #0: ffff8881072c81c8 (&p->lock){+.+.}-{3:3}, at:
> bpf_seq_read+0x61/0xfa0
> [ 15.075279]
> [ 15.075279] stack backtrace:
> [ 15.075744] CPU: 0 PID: 1438 Comm: test_progs Tainted: G
> O 5.16.0-rc7-01992-g15d8ab86952d #3780
> [ 15.076792] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),
> BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
> [ 15.077986] Call Trace:
> [ 15.078250] <TASK>
> [ 15.078476] dump_stack_lvl+0x44/0x57
> [ 15.078873] lock_release+0x48e/0x650
> [ 15.079262] ? unix_next_socket+0x169/0x460
> [ 15.079712] ? lock_downgrade+0x690/0x690
> [ 15.080131] ? lock_downgrade+0x690/0x690
> [ 15.080559] _raw_spin_unlock+0x17/0x40
> [ 15.080979] unix_next_socket+0x169/0x460
> [ 15.081402] ? bpf_iter_unix_seq_show+0x20b/0x270
> [ 15.081898] bpf_iter_unix_batch+0xf7/0x580
> [ 15.082337] ? trace_kmalloc_node+0x29/0xd0
> [ 15.082786] bpf_seq_read+0x4a1/0xfa0
> [ 15.083176] ? up_read+0x1a1/0x720
> [ 15.083538] vfs_read+0x128/0x4e0
> [ 15.083902] ksys_read+0xe7/0x1b0
> [ 15.084253] ? vfs_write+0x8b0/0x8b0
> [ 15.084638] do_syscall_64+0x34/0x80
> [ 15.085016] entry_SYSCALL_64_after_hwframe+0x44/0xae
> [ 15.085545] RIP: 0033:0x7f2c4a5ad8b2
> [ 15.085931] Code: 97 20 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb
> b6 0f 1f 80 00 00 00 00 f3 0f 1e fa 8b 05 96 db 20 00 85 c0 75 12 31
> c0 0f 05 <48> 3d 00 f0 ff ff 77 56 c3 0f 1f 44 00 00 41 54 49 89 d4 55
> 48 89
> [ 15.087875] RSP: 002b:00007fff4c8c24b8 EFLAGS: 00000246 ORIG_RAX:
> 0000000000000000
> [ 15.088658] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f2c4a5ad8b2
> [ 15.089396] RDX: 0000000000000001 RSI: 00007fff4c8c24cb RDI: 000000000000000a
> [ 15.090132] RBP: 00007fff4c8c2550 R08: 0000000000000000 R09: 00007fff4c8c2397
> [ 15.090870] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000040d910
> [ 15.091618] R13: 00007fff4c8c2750 R14: 0000000000000000 R15: 0000000000000000
> [ 15.092403] </TASK>
>
>
> I've applied patches 1 and 2 to bpf-next.
Thanks, I will take a look with lockdep enabled.
Powered by blists - more mailing lists