lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20220922121254.GA19803@breakpoint.cc>
Date:   Thu, 22 Sep 2022 14:12:54 +0200
From:   Florian Westphal <fw@...len.de>
To:     Martin Zaharinov <micron10@...il.com>
Cc:     Florian Westphal <fw@...len.de>,
        Eric Dumazet <eric.dumazet@...il.com>, pablo@...filter.org,
        Paolo Abeni <pabeni@...hat.com>,
        netdev <netdev@...r.kernel.org>, netfilter-devel@...r.kernel.org,
        linux-mm@...ck.org, mhocko@...e.com
Subject: Re: Bug Report Flowtable NFT with kernel 5.19.9

Martin Zaharinov <micron10@...il.com> wrote:
> This is bug report for flowtable and kernel 5.19.9
> 
> simple config nat + flowtable 

CC mm experts.  I'm not sure that this is a bug in netfilter/rhashtable,
looks like mm problem perhaps?

I am a bit confused wrt. kvzalloc+GFP_ATOMIC.  This looks like following is happening:

5.19.9 kernel BUGs with:

> Sep 22 07:43:49  [460691.305266][   C28] kernel BUG at mm/vmalloc.c:2437!

[ BUG_ON(in_interrupt ]

> Sep 22 07:43:50  [460692.031617][   C28] Call Trace:
> Sep 22 07:43:50  [460692.064498][   C28]  <IRQ>
> Sep 22 07:43:50  [460692.096177][   C28]  __vmalloc_node_range+0x96/0x1e0
> Sep 22 07:43:50  [460692.128014][   C28]  ? bucket_table_alloc.isra.0+0x47/0x140
> Sep 22 07:43:50  [460692.160134][   C28]  kvmalloc_node+0x92/0xb0
> Sep 22 07:43:50  [460692.191885][   C28]  ? bucket_table_alloc.isra.0+0x47/0x140
> Sep 22 07:43:50  [460692.224234][   C28]  bucket_table_alloc.isra.0+0x47/0x140
> Sep 22 07:43:50  [460692.256840][   C28]  rhashtable_try_insert+0x3a4/0x440

[ rest irrelevant ]

AFAICS this is caused by kvzalloc(GFP_ATOMIC) which somehow ends up in
GFP_KERNEL-only territory?  Looking at recent history I see

commit a421ef303008b0ceee2cfc625c3246fa7654b0ca
Author: Michal Hocko <mhocko@...e.com>
Date:   Fri Jan 14 14:07:07 2022 -0800

    mm: allow !GFP_KERNEL allocations for kvmalloc

before this, GFP_ATOMIC made sure we stay with plain kmalloc, but
now it appears that we can end up in places where GFP_ATOMIC isn't
allowed?

Original bug report is here:
https://lore.kernel.org/netdev/09BE0B8A-3ADF-458E-B75E-931B74996355@gmail.com/T/#u

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ