| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 16 Jan 2014 11:10:17 +0000 From: David Vrabel <david.vrabel@...rix.com> To: Annie Li <Annie.li@...cle.com> CC: <xen-devel@...ts.xen.org>, <netdev@...r.kernel.org>, <davem@...emloft.net>, <konrad.wilk@...cle.com>, <ian.campbell@...rix.com>, <wei.liu2@...rix.com>, <andrew.bennieston@...rix.com> Subject: Re: [Xen-devel][PATCH net-next v2] xen-netfront: clean up code in xennet_release_rx_bufs On 15/01/14 23:57, Annie Li wrote: > This patch implements two things: > > * release grant reference and skb for rx path, this fixex resource leaking. > * clean up grant transfer code kept from old netfront(2.6.18) which grants > pages for access/map and transfer. But grant transfer is deprecated in current > netfront, so remove corresponding release code for transfer. > > gnttab_end_foreign_access_ref may fail when the grant entry is currently used > for reading or writing. But this patch does not cover this and improvement for > this failure may be implemented in a separate patch. I don't think replacing a resource leak with a security bug is a good idea. If you would prefer not to fix the gnttab_end_foreign_access() call, I think you can fix this in netfront by taking a reference to the page before calling gnttab_end_foreign_access(). This will ensure the page isn't freed until the subsequent kfree_skb(), or the gref is released by the foreign domain (whichever is later). David -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists