| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 19 Oct 2011 00:14:47 -0400 (EDT) From: David Miller <davem@...emloft.net> To: eric.dumazet@...il.com Cc: mitsuo.hayasaka.hu@...achi.com, fubar@...ibm.com, andy@...yhouse.net, netdev@...r.kernel.org, linux-kernel@...r.kernel.org, yrl.pp-manager.tt@...achi.com, xiyou.wangcong@...il.com Subject: Re: [PATCH net -v2] [BUGFIX] bonding: use local function pointer of bond->recv_probe in bond_handle_frame From: Eric Dumazet <eric.dumazet@...il.com> Date: Wed, 19 Oct 2011 06:05:27 +0200 > Le jeudi 13 octobre 2011 à 11:04 +0900, Mitsuo Hayasaka a écrit : >> The bond->recv_probe is called in bond_handle_frame() when >> a packet is received, but bond_close() sets it to NULL. So, >> a panic occurs when both functions work in parallel. >> >> Why this happen: >> After null pointer check of bond->recv_probe, an sk_buff is >> duplicated and bond->recv_probe is called in bond_handle_frame. >> So, a panic occurs when bond_close() is called between the >> check and call of bond->recv_probe. >> >> Patch: >> This patch uses a local function pointer of bond->recv_probe >> in bond_handle_frame(). So, it can avoid the null pointer >> dereference. >> >> >> Signed-off-by: Mitsuo Hayasaka <mitsuo.hayasaka.hu@...achi.com> ... > Sorry, I forgot to add my official ack. Even if not a perfect patch, its > a step into right direction. > > Acked-by: Eric Dumazet <eric.dumazet@...il.com> Thanks for reviewing Eric, applied. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists