lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <660651c0707f5_22b5520880@john.notmuch>
Date: Thu, 28 Mar 2024 22:29:36 -0700
From: John Fastabend <john.fastabend@...il.com>
To: Jakub Sitnicki <jakub@...udflare.com>, 
 Alexei Starovoitov <alexei.starovoitov@...il.com>, 
 Edward Adam Davis <eadavis@...com>, 
 John Fastabend <john.fastabend@...il.com>
Cc: syzbot+c4f4d25859c2e5859988@...kaller.appspotmail.com, 
 42.hyeyoo@...il.com, 
 andrii@...nel.org, 
 ast@...nel.org, 
 bpf@...r.kernel.org, 
 daniel@...earbox.net, 
 davem@...emloft.net, 
 edumazet@...gle.com, 
 kafai@...com, 
 kpsingh@...nel.org, 
 kuba@...nel.org, 
 linux-kernel@...r.kernel.org, 
 namhyung@...nel.org, 
 netdev@...r.kernel.org, 
 pabeni@...hat.com, 
 peterz@...radead.org, 
 songliubraving@...com, 
 syzkaller-bugs@...glegroups.com, 
 yhs@...com
Subject: Re: [PATCH] bpf, sockmap: fix deadlock in rcu_report_exp_cpu_mult

Jakub Sitnicki wrote:
> On Mon, Mar 25, 2024 at 01:23 PM +01, Jakub Sitnicki wrote:
> 
> [...]
> 
> > But we also need to cover sock_map_unref->sock_sock_map_del_link called
> > from sock_hash_delete_elem. It also grabs a spin lock.
> 
> On second look, no need to disable interrupts in
> sock_map_unref->sock_sock_map_del_link. Call is enclosed in the critical
> section in sock_hash_delete_elem that has been updated.
> 
> I have a question, though, why are we patching sock_hash_free? It
> doesn't get called unless there are no more existing users of the BPF
> map. So nothing can mutate it from interrupt context.
> 
> [...]

Agree sock_hash_free should be only after all refs are dropped.

Edward, did you want to send a v2 for this? Also if you want fixing the
sockmap case as well would be useful. Also happy to finish up the patches
if you would rather not.

Thanks,
John

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ