lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Fri, 21 Apr 2017 15:58:32 -0400 (EDT)
From:   David Miller <davem@...emloft.net>
To:     nikolay@...ulusnetworks.com
Cc:     netdev@...r.kernel.org, yoshfuji@...ux-ipv6.org,
        dvyukov@...gle.com, kcc@...gle.com, syzkaller@...glegroups.com,
        edumazet@...gle.com, roopa@...ulusnetworks.com,
        torvalds@...ux-foundation.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH net] ip6mr: fix notification device destruction

From: Nikolay Aleksandrov <nikolay@...ulusnetworks.com>
Date: Fri, 21 Apr 2017 22:56:26 +0300

> On 21/04/17 22:50, Nikolay Aleksandrov wrote:
>> On 21/04/17 22:36, David Miller wrote:
>>> From: Nikolay Aleksandrov <nikolay@...ulusnetworks.com>
>>> Date: Fri, 21 Apr 2017 21:30:42 +0300
>>>
>>>> On 21/04/17 20:42, Nikolay Aleksandrov wrote:
>>>>> Andrey Konovalov reported a BUG caused by the ip6mr code which is caused
>>>>> because we call unregister_netdevice_many for a device that is already
>>>>> being destroyed. In IPv4's ipmr that has been resolved by two commits
>>>>> long time ago by introducing the "notify" parameter to the delete
>>>>> function and avoiding the unregister when called from a notifier, so
>>>>> let's do the same for ip6mr.
>>>  ...
>>>> +CC LKML and Linus
>>>
>>> Applied, thanks Nikolay and thanks Andrey for the report and testing.
>>>
>>> Nikolay, how far does this bug go back?
>>>
>> 
>> Good question, AFAICS since ip6mr exists because it was copied from ipmr:
>> commit 7bc570c8b4f7
>> Author: YOSHIFUJI Hideaki <yoshfuji@...ux-ipv6.org>
>> Date:   Thu Apr 3 09:22:53 2008 +0900
>> 
>>     [IPV6] MROUTE: Support multicast forwarding.
>> 
>> 
> 
> Oops no, my bad. That wouldn't cause it to BUG because it was already removed by mif6_delete
> earlier. So since it can be destroyed by a netns exiting, currently I don't see any other
> way which is outside of ip6mr for destroying that device.
> 
> That should be:
> commit 8229efdaef1e
> Author: Benjamin Thery <benjamin.thery@...l.net>
> Date:   Wed Dec 10 16:30:15 2008 -0800
> 
>     netns: ip6mr: enable namespace support in ipv6 multicast forwarding code
> 
> 
> Which allowed the notifier to be executed for pimreg devices in other network namespaces.

That still makes it -stable material as far as I'm concerned.

Thanks again! :)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ