| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 16 Jan 2014 16:49:44 -0800 From: Eric Dumazet <eric.dumazet@...il.com> To: Cong Wang <cwang@...pensource.com> Cc: paulmck@...ux.vnet.ibm.com, Tom Herbert <therbert@...gle.com>, netdev <netdev@...r.kernel.org> Subject: Re: suspicious RCU usage in net/ipv4/ip_tunnel.c:80 On Thu, 2014-01-16 at 16:26 -0800, Cong Wang wrote: > On Mon, Jan 13, 2014 at 8:53 PM, Paul E. McKenney > <paulmck@...ux.vnet.ibm.com> wrote: > > OK, I'll bite... This code invokes dst_release() which looks to me > > like it dereferences this pointer: > > > > Yeah, sure, my point is it doesn't dereference the pointer when it holds > the spin_lock. I read rcu_dereference_protected() as "deference the rcu > pointer when we protected by ...", but we dereference it after the lock is > released. :) See rcu_dereference_protected() as rcu_fetch_protected() We read/fetch the pointer, but wont dereference the memory pointer by this pointer later. > > > @Eric, will you submit your patch as a formal one? I already tested it. I actually sent another patch : http://patchwork.ozlabs.org/patch/311902/ Thanks ! -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists