| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAM_iQpVCqohQvqdnqe3e__5JpH7Zxr_fAW3ThCPHeaDj1kj+Rg@mail.gmail.com>
Date: Mon, 10 Jul 2017 10:19:38 -0700
From: Cong Wang <xiyou.wangcong@...il.com>
To: Linux Kernel Network Developers <netdev@...r.kernel.org>
Cc: LKML <linux-kernel@...r.kernel.org>,
Cong Wang <xiyou.wangcong@...il.com>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Andrew Morton <akpm@...ux-foundation.org>,
Manfred Spraul <manfred@...orfullife.com>
Subject: Re: [Patch] mqueue: fix netlink sock refcnt and skb refcnt
On Sun, Jul 9, 2017 at 10:08 PM, Cong Wang <xiyou.wangcong@...il.com> wrote:
> netlink_sendskb() is problematic, it releases sock refcnt
> silently which could cause troubles we can call it multiple
> times. info->notify_sock is a good example where we
> setup once and use it to send netlink skb's for many times.
> It should not hold or release any refcnt, but needs to rely
> on netlink_attachskb()/netlink_detachskb() to hold/release
> the corresponding refcnt.
>
> Same for the skb attached to this sock, it is allocated once
> and used for multiple times, so we should hold its refcnt
> in netlink_attachskb().
>
> At last, we need to call netlink_detachskb() to release
> both refcnt's after we remove the notification.
Hmm, the info->notify_owner is NULL'ed after sending
the notification, so probably we don't put the sock refcnt
repeatly. Not sure about the skb though...
Powered by blists - more mailing lists