lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Wed, 12 Oct 2016 10:47:49 +0200
From:   Steffen Klassert <steffen.klassert@...unet.com>
To:     Nicolas Dichtel <nicolas.dichtel@...nd.com>
CC:     <davem@...emloft.net>, <netdev@...r.kernel.org>,
        Lance Richardson <lrichard@...hat.com>
Subject: Re: [PATCH net] vti6: flush x-netns xfrm cache when vti interface is
 removed

On Fri, Sep 30, 2016 at 11:11:07AM +0200, Nicolas Dichtel wrote:
> This is the same fix than commit a5d0dc810abf ("vti: flush x-netns xfrm
> cache when vti interface is removed")
> 
> This patch fixes a refcnt problem when a x-netns vti6 interface is removed:
> unregister_netdevice: waiting for vti6_test to become free. Usage count = 1
> 
> Here is a script to reproduce the problem:
> 
> ip link set dev ntfp2 up
> ip addr add dev ntfp2 2001::1/64
> ip link add vti6_test type vti6 local 2001::1 remote 2001::2 key 1
> ip netns add secure
> ip link set vti6_test netns secure
> ip netns exec secure ip link set vti6_test up
> ip netns exec secure ip link s lo up
> ip netns exec secure ip addr add dev vti6_test 2003::1/64
> ip -6 xfrm policy add dir out tmpl src 2001::1 dst 2001::2 proto esp \
> 	   mode tunnel mark 1
> ip -6 xfrm policy add dir in tmpl src 2001::2 dst 2001::1 proto esp \
> 	   mode tunnel mark 1
> ip xfrm state add src 2001::1 dst 2001::2 proto esp spi 1 mode tunnel \
> 	   enc des3_ede 0x112233445566778811223344556677881122334455667788 mark 1
> ip xfrm state add src 2001::2 dst 2001::1 proto esp spi 1 mode tunnel \
> 	   enc des3_ede 0x112233445566778811223344556677881122334455667788 mark 1
> ip netns exec secure  ping6 -c 4 2003::2
> ip netns del secure
> 
> CC: Lance Richardson <lrichard@...hat.com>
> Signed-off-by: Nicolas Dichtel <nicolas.dichtel@...nd.com>

Applied to the ipsec tree, thanks!

Powered by blists - more mailing lists