lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 5 Jul 2022 22:21:14 -0700
From:   Kuniyuki Iwashima <kuniyu@...zon.com>
To:     "David S. Miller" <davem@...emloft.net>,
        Eric Dumazet <edumazet@...gle.com>,
        Jakub Kicinski <kuba@...nel.org>,
        Paolo Abeni <pabeni@...hat.com>,
        Luis Chamberlain <mcgrof@...nel.org>,
        Kees Cook <keescook@...omium.org>,
        Iurii Zaikin <yzaikin@...gle.com>
CC:     Kuniyuki Iwashima <kuniyu@...zon.com>,
        Kuniyuki Iwashima <kuni1840@...il.com>,
        <netdev@...r.kernel.org>, <linux-kernel@...r.kernel.org>
Subject: [PATCH v1 net 00/16] sysctl: Fix data-races around ipv4_table.

A sysctl variable is accessed concurrently, and there is always a chance
of data-race.  So, all readers and writers need some basic protection to
avoid load/store-tearing.

This series changes some proc handlers to use READ_ONCE()/WRITE_ONCE()
internally and tries to fix a data-race on the sysctl side.  However, we
still need a fix for readers/writers in other subsystems.

Not to miss the fix, we convert such handlers to a wrapper function of one
with the "_lockless" suffix.  When we add a fix on other subsystems, we set
the lockless handler as .proc_handler to mark the sysctl knob safe.

After this series, if a proc handler does not have the lockless suffix, it
means we need fixes in other subsystems.  Finally, when there is no user of
proc handlers without the lockless suffix, we can remove them and get free
from sysctl data-races.

This series starts fixing from ipv4_table.


Kuniyuki Iwashima (16):
  sysctl: Clean up proc_handler definitions.
  sysctl: Add proc_dobool_lockless().
  sysctl: Add proc_dointvec_lockless().
  sysctl: Add proc_douintvec_lockless().
  sysctl: Add proc_dointvec_minmax_lockless().
  sysctl: Add proc_douintvec_minmax_lockless().
  sysctl: Add proc_doulongvec_minmax_lockless().
  sysctl: Add proc_dointvec_jiffies_lockless().
  tcp: Fix a data-race around sysctl_tcp_max_orphans.
  inetpeer: Fix data-races around sysctl.
  net: Fix a data-race around sysctl_mem.
  tcp: Mark sysctl_tcp_low_latency obsolete.
  cipso: Fix a data-race around cipso_v4_cache_bucketsize.
  cipso: Fix data-races around boolean sysctl.
  icmp: Fix data-races around sysctl.
  ipv4: Fix a data-race around sysctl_fib_sync_mem.

 Documentation/networking/ip-sysctl.rst |   2 +-
 include/linux/sysctl.h                 |  51 ++---
 include/net/sock.h                     |   2 +-
 include/trace/events/sock.h            |   6 +-
 kernel/sysctl.c                        | 258 ++++++++++++++-----------
 net/decnet/sysctl_net_decnet.c         |   2 +-
 net/ipv4/cipso_ipv4.c                  |  19 +-
 net/ipv4/fib_trie.c                    |   2 +-
 net/ipv4/icmp.c                        |   5 +-
 net/ipv4/inetpeer.c                    |  13 +-
 net/ipv4/sysctl_net_ipv4.c             |  29 +--
 net/ipv4/tcp.c                         |   3 +-
 net/sctp/sysctl.c                      |   2 +-
 13 files changed, 214 insertions(+), 180 deletions(-)

-- 
2.30.2

Powered by blists - more mailing lists