lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <2ea192a8-b437-86e4-59b3-b4d57117aee1@gmail.com> Date: Fri, 19 May 2023 15:25:12 +0900 From: Taehee Yoo <ap420073@...il.com> To: Jakub Kicinski <kuba@...nel.org> Cc: davem@...emloft.net, pabeni@...hat.com, edumazet@...gle.com, jiri@...nulli.us, j.vosburgh@...il.com, andy@...yhouse.net, netdev@...r.kernel.org, jarod@...hat.com, razor@...ckwall.org, simon.horman@...igine.com, wangyufen@...wei.com, syzbot+60748c96cf5c6df8e581@...kaller.appspotmail.com Subject: Re: [PATCH net v2] net: fix stack overflow when LRO is disabled for virtual interfaces On 5/18/23 03:45, Jakub Kicinski wrote: > On Thu, 18 May 2023 02:28:29 +0900 Taehee Yoo wrote: >> > Why doesn't the (already synchronized) upper not skip the update? >> >> The skipping logic of this is existing in the netdev_sync_lower_features(). >> The purpose of this is to synchronize the lower interfaces, not the >> upper interface. >> Actually, there is no upper-only synchronization logic. >> >> Both bonding and team interfaces rely on notification mechanisms to work >> their own logic such as synchronization. >> The notification is a broadcasting mechanism. >> So, both lower and upper receive this event, and it works its own >> notification handling. > > This is all true. > >> But the notification mechanism currently doesn't have options such as >> filtering and these interfaces receive this event with updated feature >> flags. > > We don't have to filter notifications. > >> So, the upper interface can't distinguish whether the received event is >> the first event or duplicated event. > > What I was thinking was basically why does __netdev_update_features() > not return early if it made no changes? Looking thru the history this > behavior has been created by commit e7868a85e1b26bcb2e. Can we revert > that and fix the problem of syncing features on new ports differently? I think this is the best approach so I tried it with existing variables such as dev->features, dev->wanted_features, But I couldn't find to fix it. Because the upper interface' feature flag is updated at the end of it. So, __netdev_update_features() is called always with the old upper-interface' features flag. __netdev_update_features() netdev_sync_lower_features() __netdev_update_features() netdev_sync_lower_features() ... dev->features = features; dev->features = features; dev->features = features; dev->features = features; In order to return __netdev_update_features() early in duplicated call, __netdev_update_features() should update dev->features ealier than netdev_sync_lower_features() call. So, the current code doesn't update dev->features early so it can't check duplicated calls with dev->features. I tested this approach with a revert of e7868a85e1b26bcb2e and the below change. diff --git a/net/core/dev.c b/net/core/dev.c index 6b12d8a9d463..f051c293ffaa 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -9758,6 +9758,9 @@ int __netdev_update_features(struct net_device *dev) return -1; } + if (netif_is_bond_master(dev) || netif_is_team_master(dev)) + dev->features = features; + /* some features must be disabled on lower devices when disabled * on an upper device (think: bonding master or bridge) */ It fixes the stack overflow problem, but I'm not sure whether updating it before netdev_sync_lower_features() is safe or not.
Powered by blists - more mailing lists