Received: by 2002:a25:ca44:0:0:0:0:0 with SMTP id a65csp2179300ybg; Thu, 30 Jul 2020 12:23:33 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyqYErVkxJ9i3pzhHaILEldD3CHrwoPYiouQ3zN4YkHRBUtMxg5qC9St4dd50WN2597BK9L X-Received: by 2002:a05:6402:b4c:: with SMTP id bx12mr491698edb.157.1596137013189; Thu, 30 Jul 2020 12:23:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1596137013; cv=none; d=google.com; s=arc-20160816; b=gVEi1E9IMMLruJxei59E+ego2KCyI+l27RJwRwfxNBgSag393zuoK1eYYu82k+5CCH OlOgXU84TclGtv/wiquxRDYTuhri9iGRVb3zX1LABq239TtyaHg4HDvGEOCFXktJe35Z vG4kMDdrbmo2ARSCJWyHJHLD6G296EtVfBBpxX/+LCiKQgHWqbzuRYGKz8//WxTGCCt+ r08h+GnMAXcDkR4WejRV7eZkgz5Hw/saChQ9vysWISRhUZrfGkW3hhr7OsRwDFqtQBiu gSRAliVNDUNbWjIObbeg4yetSsHlD82YTPIaRaaoCWJN8gmkLOlqx3L8rmPRmOkC9CXA JOLg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=o8Qcp6UYu/AwRpOfmT/2gGbG6QiB9KOv8ZsebKXGjxA=; b=r1pIK/NsN7FQBSJUjsb3uDQ+h9s5zujBgfMwd1XPVJ9AviJnBw4WkWGFViu/EpFwtk I1i106VgZj5ttZNUci4hfNqcgCzu8h0xhKjc1FK8R8DDzr609H1L1oj/4QIwtwwSCeRU 9f7TuqbLddsmggFiOjsxHykmn6pA3xOPhGMSsfkbMuH79DDfRcy9pXW+hEomDeHRD1zV /LV6xfgufxwVWPe+4FPzTSE5pl22c9MwKIobhM1QpJ0G1ooc/CRgPR0qOF8/Hdzhoc7m OUqYJY+iWfb5y4EKQK1sNQ/RqFohtwFd0gljbasgMxbHH9/TDIlDtMRcpd0/I5snZh12 P04A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=O71muXcb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id nv2si3927587ejb.154.2020.07.30.12.23.10; Thu, 30 Jul 2020 12:23:33 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=O71muXcb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730456AbgG3TT7 (ORCPT + 99 others); Thu, 30 Jul 2020 15:19:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43520 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730412AbgG3TT5 (ORCPT ); Thu, 30 Jul 2020 15:19:57 -0400 Received: from mail-qt1-x844.google.com (mail-qt1-x844.google.com [IPv6:2607:f8b0:4864:20::844]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 92D55C061575 for ; Thu, 30 Jul 2020 12:19:57 -0700 (PDT) Received: by mail-qt1-x844.google.com with SMTP id o22so20966242qtt.13 for ; Thu, 30 Jul 2020 12:19:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=o8Qcp6UYu/AwRpOfmT/2gGbG6QiB9KOv8ZsebKXGjxA=; b=O71muXcbjS+AQhdrYp3rP/Oq3wA2x0Bshh7svkdi7T5qIqpFrB4DAla8m+jgG139WM mu9h80gMcvvG3REpQ0xWeEBiLAEO9ouc7CHVvNy3LlbUO9w/VzRgVK7O0hesil0/uGPb XM2dhjX4TfvhczKFQNkcZRnOyn93pHQ/sHrDaLahetyY9oeD814+JNlGB9G4410sjJpR KiX4qdCJrtcUnuqbgHH/ZXql47zD/IdwPIth+qPs2VKdWBQp5JRO5u1lWW2ItF4OQ/+W g4LhmLIkvKXHjxy4m37HYkEqJ0cM4kg2xxRFz3anmFWDZky7WUjuZ6xy09UgeL4rxttF pb3A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=o8Qcp6UYu/AwRpOfmT/2gGbG6QiB9KOv8ZsebKXGjxA=; b=Lj+N8W8WEitdLZv8zkUE/X/rTnYoV8f6aaCH8fSrmZJa6/iU0057z5BVHmCK2VovKK 6tjLUnyt2QY8eFKjNGx9GVCc8c0EW2Ruap1r7sGVLdUkg31XgB6HUHmiUayVOsnOB+1x GrII3wb9oUK/Y2XM3gvqBU8ulezKP2Q2nS2vUPFCHPs7VUFuXOAFr3FOMUo6ZLiiqRhs DMjmAwkoSKUVKmXIjOzasce4EXjqbh7D/I5MI9aJU+HcBpEm6LxQF3RcC5ea4M4G8r/6 S+R5vzq1KOEiUiZKncOFGSaYi+lrKMeeTRvI3/MXxqkblepclDazTVJ2mC1hQyv7WO7u lMXA== X-Gm-Message-State: AOAM531r9sHrMmUwryvsjjNM2T0imPXwRNXXN2JSHSyINVAEknXFMx3i vGG3SxCxC8nN4dc6NglHw56uRkeY12bcftazyrrnIA== X-Received: by 2002:ac8:7609:: with SMTP id t9mr210248qtq.158.1596136795878; Thu, 30 Jul 2020 12:19:55 -0700 (PDT) MIME-Version: 1.0 References: <0000000000006f179d05ab8e2cf2@google.com> <87tuxqxhgq.fsf@intel.com> <87pn8cyk2b.fsf@intel.com> In-Reply-To: <87pn8cyk2b.fsf@intel.com> From: Dmitry Vyukov Date: Thu, 30 Jul 2020 21:19:43 +0200 Message-ID: Subject: =?UTF-8?B?UmU6IOWbnuWkjTogSU5GTzogcmN1IGRldGVjdGVkIHN0YWxsIGluIHRjX21vZGlmeV9xZA==?= =?UTF-8?B?aXNj?= To: Vinicius Costa Gomes Cc: "Zhang, Qiang" , syzbot , "davem@davemloft.net" , "fweisbec@gmail.com" , "jhs@mojatatu.com" , "jiri@resnulli.us" , "linux-kernel@vger.kernel.org" , "mingo@kernel.org" , "netdev@vger.kernel.org" , "syzkaller-bugs@googlegroups.com" , "tglx@linutronix.de" , "xiyou.wangcong@gmail.com" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Jul 30, 2020 at 7:44 PM Vinicius Costa Gomes wrote: > > Hi, > > Dmitry Vyukov writes: > > > On Wed, Jul 29, 2020 at 9:13 PM Vinicius Costa Gomes > > wrote: > >> > >> Hi, > >> > >> "Zhang, Qiang" writes: > >> > >> > ________________________________________ > >> > =E5=8F=91=E4=BB=B6=E4=BA=BA: linux-kernel-owner@vger.kernel.org =E4=BB=A3=E8=A1=A8 syzbot > >> > =E5=8F=91=E9=80=81=E6=97=B6=E9=97=B4: 2020=E5=B9=B47=E6=9C=8829=E6= =97=A5 13:53 > >> > =E6=94=B6=E4=BB=B6=E4=BA=BA: davem@davemloft.net; fweisbec@gmail.com= ; jhs@mojatatu.com; jiri@resnulli.us; linux-kernel@vger.kernel.org; mingo@k= ernel.org; netdev@vger.kernel.org; syzkaller-bugs@googlegroups.com; tglx@li= nutronix.de; vinicius.gomes@intel.com; xiyou.wangcong@gmail.com > >> > =E4=B8=BB=E9=A2=98: INFO: rcu detected stall in tc_modify_qdisc > >> > > >> > Hello, > >> > > >> > syzbot found the following issue on: > >> > > >> > HEAD commit: 181964e6 fix a braino in cmsghdr_from_user_compat_to= _kern() > >> > git tree: net > >> > console output: https://syzkaller.appspot.com/x/log.txt?x=3D12925e38= 900000 > >> > kernel config: https://syzkaller.appspot.com/x/.config?x=3Df87a5e42= 32fdb267 > >> > dashboard link: https://syzkaller.appspot.com/bug?extid=3D9f78d5c664= a8c33f4cce > >> > compiler: gcc (GCC) 10.1.0-syz 20200507 > >> > syz repro: > >> > https://syzkaller.appspot.com/x/repro.syz?x=3D16587f8c900000 > >> > >> It seems that syzkaller is generating an schedule with too small > >> intervals (3ns in this case) which causes a hrtimer busy-loop which > >> starves other kernel threads. > >> > >> We could put some limits on the interval when running in software mode= , > >> but I don't like this too much, because we are talking about users wit= h > >> CAP_NET_ADMIN and they have easier ways to do bad things to the system= . > > > > Hi Vinicius, > > > > Could you explain why you don't like the argument if it's for CAP_NET_A= DMIN? > > Good code should check arguments regardless I think and it's useful to > > protect root from, say, programming bugs rather than kill the machine > > on any bug and misconfiguration. What am I missing? > > I admit that I am on the fence on that argument: do not let even root > crash the system (the point that my code is crashing the system gives > weight to this side) vs. root has great powers, they need to know what > they are doing. > > The argument that I used to convince myself was: root can easily create > a bunch of processes and give them the highest priority and do > effectively the same thing as this issue, so I went with a the "they > need to know what they are doing side". > > A bit more on the specifics here: > > - Using a small interval size, is only a limitation of the taprio > software mode, when using hardware offloads (which I think most users > do), any interval size (supported by the hardware) can be used; > > - Choosing a good lower limit for this seems kind of hard: something > below 1us would never work well, I think, but things 1us < x < 100us > will depend on the hardware/kernel config/system load, and this is the > range includes "useful" values for many systems. > > Perhaps a middle ground would be to impose a limit based on the link > speed, the interval can never be smaller than the time it takes to send > the minimum ethernet frame (for 1G links this would be ~480ns, should be > enough to catch most programming mistakes). I am going to add this and > see how it looks like. > > Sorry for the brain dump :-) > > > > > Also are we talking about CAP_NET_ADMIN in a user ns as well > > (effectively nobody)? > > Just checked, we are talking about CAP_NET_ADMIN in user namespace as > well. OK, so this is not root/admin, this is just any user.