From mboxrd@z Thu Jan 1 00:00:00 1970
Message-ID: <1504115735.5852.11.camel@gmx.de>
Subject: Re: tip -ENOBOOT - bisected to locking/refcounts, x86/asm: Implement fast refcount overflow protection
From: Mike Galbraith
To: Kees Cook
Cc: LKML, Ingo Molnar, "Reshetova, Elena"
Date: Wed, 30 Aug 2017 19:55:35 +0200
References: <1503996623.8323.20.camel@gmx.de> <1504025721.6024.25.camel@gmx.de>
 <1504030207.6560.0.camel@gmx.de> <1504069332.8352.3.camel@gmx.de>
 <1504113212.5852.6.camel@gmx.de>
Sender: linux-kernel-owner@vger.kernel.org
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, 2017-08-30 at 10:32 -0700, Kees Cook wrote:
> On Wed, Aug 30, 2017 at 10:13 AM, Mike Galbraith wrote:
> > On Wed, 2017-08-30 at 09:35 -0700, Kees Cook wrote:
> >> On Tue, Aug 29, 2017 at 10:02 PM, Mike Galbraith wrote:
> >> > On Tue, 2017-08-29 at 11:41 -0700, Kees Cook wrote:
> >> >> Can you also test with 14afee4b6092 ("net: convert sock.sk_wmem_alloc
> >> >> from atomic_t to refcount_t") reverted (instead of ARCH_HAS_REFCOUNT
> >> >> disabled)?
> >> >
> >> > Nogo.
> >>
> >> Thanks for checking!
> >>
> >> > [ 44.901930] WARNING: CPU: 5 PID: 0 at net/netlink/af_netlink.c:374 netlink_sock_destruct+0x82/0xa0
> >>
> >> This is so odd if 14afee4b6092 is reverted. What is line 374 for you
> >> in net/netlink/af_netlink.c?
> >
> > 374 WARN_ON(atomic_read(&sk->sk_rmem_alloc));
> >
> > That line is unchanged by 14afee4b6092.
>
> Uuuuhmm. Wow, now I'm really baffled. I thought you were getting the
> warn from the next line with the refcount usage... I will keep
> digging. Thanks!

I just double checked freshly pulled tip (rapidly moving target), and
it's definitely nogo with CONFIG_ARCH_HAS_REFCOUNT=y and 14afee4b6092
reverted.

	-Mike