From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751295AbdH2SlW (ORCPT ); Tue, 29 Aug 2017 14:41:22 -0400 Received: from mail-it0-f52.google.com ([209.85.214.52]:38391 "EHLO mail-it0-f52.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751186AbdH2SlV (ORCPT ); Tue, 29 Aug 2017 14:41:21 -0400 X-Google-Smtp-Source: ADKCNb7ty82M/YnLXBcg0wMr+1R/jdCTxniOxZhv+4kX/acY1oB8C5sdgy7dGkBT4vF522W+yTd4TBoVJhAulVmuCtc= MIME-Version: 1.0 In-Reply-To: <1504030207.6560.0.camel@gmx.de> References: <1503996623.8323.20.camel@gmx.de> <1504025721.6024.25.camel@gmx.de> <1504030207.6560.0.camel@gmx.de> From: Kees Cook Date: Tue, 29 Aug 2017 11:41:20 -0700 X-Google-Sender-Auth: 4QfWGTjIq-aPcDKVycC6Bd6nVzk Message-ID: Subject: Re: tip -ENOBOOT - bisected to locking/refcounts, x86/asm: Implement fast refcount overflow protection To: Mike Galbraith Cc: LKML , Ingo Molnar , "Reshetova, Elena" Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Aug 29, 2017 at 11:10 AM, Mike Galbraith wrote: > On Tue, 2017-08-29 at 18:55 +0200, Mike Galbraith wrote: >> On Tue, 2017-08-29 at 08:58 -0700, Kees Cook wrote: >> > >> > Ah-ha, found the tip-bot commit now that disables the x86 refcount >> > implementation. Can you boot with CONFIG_REFCOUNT_FULL=y? >> >> Will do in the A.M. > > (It's A.M. somewhere..) That boots fine. Okay, thanks! I think we've seen this before, but couldn't reproduce it. The issue is: static void netlink_sock_destruct(struct sock *sk) { ... WARN_ON(refcount_read(&sk->sk_wmem_alloc)); ... } Can you also test with 14afee4b6092 ("net: convert sock.sk_wmem_alloc from atomic_t to refcount_t") reverted (instead of ARCH_HAS_REFCOUNT disabled)? I'll try again to reproduce this... Thanks! -Kees -- Kees Cook Pixel Security