| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CANn89iLQuBYht_jMx7WwtbDP-PTnhBvNu2FWW1uGnKkcqnvT+w@mail.gmail.com> Date: Wed, 4 Sep 2024 14:32:59 +0200 From: Eric Dumazet <edumazet@...gle.com> To: Jiawei Ye <jiawei.ye@...mail.com> Cc: pablo@...filter.org, kadlec@...filter.org, davem@...emloft.net, dsahern@...nel.org, kuba@...nel.org, pabeni@...hat.com, fw@...len.de, netfilter-devel@...r.kernel.org, coreteam@...filter.org, netdev@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] netfilter: tproxy: Add RCU protection in nf_tproxy_laddr4 On Wed, Sep 4, 2024 at 2:25 PM Jiawei Ye <jiawei.ye@...mail.com> wrote: > > In the `nf_tproxy_laddr4` function, both the `__in_dev_get_rcu()` call > and the `in_dev_for_each_ifa_rcu()` macro are used to access > RCU-protected data structures. Previously, these accesses were not > enclosed within an RCU read-side critical section, which violates RCU > usage rules and can lead to race conditions, data inconsistencies, and > memory corruption issues. > > This possible bug was identified using a static analysis tool developed > by myself, specifically designed to detect RCU-related issues. > > To address this, `rcu_read_lock()` and `rcu_read_unlock()` are added > around the RCU-protected operations in the `nf_tproxy_laddr4` function by > acquiring the RCU read lock before calling `__in_dev_get_rcu()` and > iterating with `in_dev_for_each_ifa_rcu()`. This change prevents > potential RCU issues and adheres to proper RCU usage patterns. Please share with us the complete stack trace where you think rcu is not held, because your static tool is unknown to us. nf_tproxy_get_sock_v4() would have a similar issue.
Powered by blists - more mailing lists