| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <209548b5-27d2-2059-f2e9-2148f5a0291b@gmail.com>
Date: Wed, 6 Oct 2021 19:14:39 -0600
From: David Ahern <dsahern@...il.com>
To: Leonard Crestez <cdleonard@...il.com>,
Eric Dumazet <edumazet@...gle.com>,
David Ahern <dsahern@...nel.org>
Cc: "David S. Miller" <davem@...emloft.net>,
Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>,
Jakub Kicinski <kuba@...nel.org>,
Martin KaFai Lau <kafai@...com>,
Kuniyuki Iwashima <kuniyu@...zon.co.jp>,
Yonghong Song <yhs@...com>,
Alexander Duyck <alexanderduyck@...com>,
Florian Westphal <fw@...len.de>, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] tcp: md5: Fix overlap between vrf and non-vrf keys
On 10/6/21 11:48 AM, Leonard Crestez wrote:
> @@ -1103,11 +1116,11 @@ static struct tcp_md5sig_key *tcp_md5_do_lookup_exact(const struct sock *sk,
> #endif
> hlist_for_each_entry_rcu(key, &md5sig->head, node,
> lockdep_sock_is_held(sk)) {
> if (key->family != family)
> continue;
> - if (key->l3index && key->l3index != l3index)
> + if (key->l3index != l3index)
That seems like the bug fix there. The L3 reference needs to match for
new key and existing key. I think the same change is needed in
__tcp_md5_do_lookup.
> continue;
> if (!memcmp(&key->addr, addr, size) &&
> key->prefixlen == prefixlen)
> return key;
> }
>
> base-commit: 9cbfc51af026f5b721a1b36cf622ada591b3c5de
>
Powered by blists - more mailing lists