| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 12 Mar 2012 21:01:59 -0700
From: Eric Dumazet <eric.dumazet@...il.com>
To: David Miller <davem@...emloft.net>
Cc: therbert@...gle.com, netdev@...r.kernel.org
Subject: Re: [PATCH] net: Provide SYN packet for passive connections
On Sun, 2012-03-11 at 21:14 -0700, David Miller wrote:
> From: Tom Herbert <therbert@...gle.com>
> Date: Sun, 11 Mar 2012 21:08:38 -0700
>
> > For inet_connection_sock I believe there are fields that would only be
> > used for a listeners(e.g. icsk_accept_queue), and fields that would
> > only be used for a real connection (e.g. icsk_retransmits). Would it
> > be worth it to split these into a union?
>
> Indeed, it might.
OK I took a look at this idea, and it seems safe right now.
[PATCH net-next] inet: embed icsk_accept_queue in an union
icsk_accept_queue is currently used only for LISTEN sockets. We could
share its space with fields used for other kind of inet sockets.
For active connections, this area is zeroed in socket setup, and for
passive ones, we clear the whole area in inet_csk_clone_lock() to make
sure we dont use content inherited from (listener) parent.
/* Deinitialize accept_queue to trap illegal accesses. */
memset(&newicsk->icsk_accept_queue, 0, sizeof(newicsk->icsk_accept_queue));
For 100% safety, we could do the same in inet_csk_listen_stop(), or we can
double check that fields added in this union later are only accessed by non
LISTEN sockets.
All these fields must have a null default value.
Signed-off-by: Eric Dumazet <eric.dumazet@...il.com>
Suggested-by: Tom Herbert <therbert@...gle.com>
---
include/net/inet_connection_sock.h | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/include/net/inet_connection_sock.h b/include/net/inet_connection_sock.h
index dbf9aab..d3ccaf9 100644
--- a/include/net/inet_connection_sock.h
+++ b/include/net/inet_connection_sock.h
@@ -86,7 +86,9 @@ struct inet_connection_sock_af_ops {
struct inet_connection_sock {
/* inet_sock has to be the first member! */
struct inet_sock icsk_inet;
- struct request_sock_queue icsk_accept_queue;
+ union {
+ struct request_sock_queue icsk_accept_queue;
+ };
struct inet_bind_bucket *icsk_bind_hash;
unsigned long icsk_timeout;
struct timer_list icsk_retransmit_timer;
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists