| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20180918233411.GB17466@lunn.ch>
Date: Wed, 19 Sep 2018 01:34:11 +0200
From: Andrew Lunn <andrew@...n.ch>
To: "Jason A. Donenfeld" <Jason@...c4.com>
Cc: linux-kernel@...r.kernel.org, netdev@...r.kernel.org,
linux-crypto@...r.kernel.org, davem@...emloft.net,
gregkh@...uxfoundation.org
Subject: Re: [PATCH net-next v5 20/20] net: WireGuard secure network tunnel
> +#define push_rcu(stack, p, len) ({ \
> + if (rcu_access_pointer(p)) { \
> + BUG_ON(len >= 128); \
> + stack[len++] = rcu_dereference_raw(p); \
> + } \
> + true; \
> + })
> +static void root_free_rcu(struct rcu_head *rcu)
> +{
> + struct allowedips_node *node, *stack[128] = {
> + container_of(rcu, struct allowedips_node, rcu) };
> + unsigned int len = 1;
> +
> + while (len > 0 && (node = stack[--len]) &&
> + push_rcu(stack, node->bit[0], len) &&
> + push_rcu(stack, node->bit[1], len))
> + kfree(node);
> +}
Hi Jason
I see this BUG_ON() is still here. It really needs to be removed. It
does not look like you need to crash the kernel here. Can you add in a
test of len >= 128, do a WARN and then return. I think you then leak
some memory, but i would much prefer that to a crashed machine.
Andrew
Powered by blists - more mailing lists