lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <d4390fcd400a4dc2b8f2a61b9190155f@huawei.com>
Date:   Sat, 15 Aug 2020 02:18:09 +0000
From:   linmiaohe <linmiaohe@...wei.com>
To:     Eric Dumazet <edumazet@...gle.com>
CC:     Willem de Bruijn <willemdebruijn.kernel@...il.com>,
        David Miller <davem@...emloft.net>,
        Paolo Abeni <pabeni@...hat.com>,
        Florian Westphal <fw@...len.de>,
        Pablo Neira Ayuso <pablo@...filter.org>,
        Steffen Klassert <steffen.klassert@...unet.com>,
        "Jason A. Donenfeld" <Jason@...c4.com>,
        "rdunlap@...radead.org" <rdunlap@...radead.org>,
        "decui@...rosoft.com" <decui@...rosoft.com>,
        Jakub Sitnicki <jakub@...udflare.com>,
        "jeremy@...zel.net" <jeremy@...zel.net>,
        "mashirle@...ibm.com" <mashirle@...ibm.com>,
        linux-kernel <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 1/5] net: Fix potential deadloop in skb_copy_ubufs()

Eric Dumazet <edumazet@...gle.com> wrote:
>On Fri, Aug 14, 2020 at 12:14 AM linmiaohe <linmiaohe@...wei.com> wrote:
>>
>> Willem de Bruijn <willemdebruijn.kernel@...il.com> wrote:
>>
>> Since we always call skb_orphan_frags in skb_clone, is it unnecessary to call skb_orphan_frags in pskb_expand_head when skb is cloned ?
>
>Please give us a real case.
>
>I fear that your patches are coming directly from some kind of automated tool, that really misses how the code is really used from _current_ code base, not _hypothetical_ one.
>
>This is very time consuming. Please provide evidence first.
>
>Thank you.

I'am sorry about it. I do this mainly through code review and do some test code. So the problem codepath may not exist from current code base, but may
happen when we do not take care of it in the future use. We may forget same assumption. And make these assumptions clear seems not a bad thing.
But I'am going to just drop this patch. I believe you all can handle the things correctly.

Many thanks.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ