lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 20 May 2019 10:00:16 +0800
From:   Hangbin Liu <liuhangbin@...il.com>
To:     Florian Westphal <fw@...len.de>
Cc:     Nathan Chancellor <natechancellor@...il.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        linux-kernel@...r.kernel.org, stable@...r.kernel.org,
        Thomas Haller <thaller@...hat.com>,
        David Ahern <dsahern@...il.com>,
        "David S. Miller" <davem@...emloft.net>, netdev@...r.kernel.org
Subject: Re: [PATCH 4.9 41/51] fib_rules: return 0 directly if an exactly
 same rule exists when NLM_F_EXCL not supplied

On Sun, May 19, 2019 at 10:27:53PM +0200, Florian Westphal wrote:
> Nathan Chancellor <natechancellor@...il.com> wrote:
> > On Wed, May 15, 2019 at 12:56:16PM +0200, Greg Kroah-Hartman wrote:
> > > From: Hangbin Liu <liuhangbin@...il.com>
> > > 
> > > [ Upstream commit e9919a24d3022f72bcadc407e73a6ef17093a849 ]
> 
> [..]
> 
> > > Fixes: 153380ec4b9 ("fib_rules: Added NLM_F_EXCL support to fib_nl_newrule")
> > > Reported-by: Thomas Haller <thaller@...hat.com>
> > > Signed-off-by: Hangbin Liu <liuhangbin@...il.com>
> > > Signed-off-by: David S. Miller <davem@...emloft.net>
> > > Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
> > > ---
> > >  net/core/fib_rules.c |    6 +++---
> > >  1 file changed, 3 insertions(+), 3 deletions(-)
> > > 
> > > --- a/net/core/fib_rules.c
> > > +++ b/net/core/fib_rules.c
> > > @@ -429,9 +429,9 @@ int fib_nl_newrule(struct sk_buff *skb,
> > >  	if (rule->l3mdev && rule->table)
> > >  		goto errout_free;
> > >  
> > > -	if ((nlh->nlmsg_flags & NLM_F_EXCL) &&
> > > -	    rule_exists(ops, frh, tb, rule)) {
> > > -		err = -EEXIST;
> > > +	if (rule_exists(ops, frh, tb, rule)) {
> > > +		if (nlh->nlmsg_flags & NLM_F_EXCL)
> > > +			err = -EEXIST;
> > This commit is causing issues on Android devices when Wi-Fi and mobile
> > data are both enabled. The device will do a soft reboot consistently.
> 
> Not surprising, the patch can't be applied to 4.9 as-is.
> 
> In 4.9, code looks like this:
> 
>  err = -EINVAL;
>  /* irrelevant */
>  if (rule_exists(ops, frh, tb, rule)) {
>   if (nlh->nlmsg_flags & NLM_F_EXCL)
>     err = -EEXIST;
>     goto errout_free;
>  }
> 
> So, if rule_exists() is true, we return -EINVAL to caller
> instead of 0, unlike upstream.
> 
> I don't think this commit is stable material.

Thanks Florian for helping check it. So we need either revert this patch,
or at least backport adeb45cbb505 ("fib_rules: fix error return code") and
f9d4b0c1e969 ("fib_rules: move common handling of newrule delrule
msgs into fib_nl2rule").

For me, I agree to revert this patch from stable tree as it's a small fix. The
issue has been there for a long time and I didn't see much complain from
customer.

Thanks
Hangbin

Powered by blists - more mailing lists