| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20260120004720.1886632-1-p@1g4.org> Date: Tue, 20 Jan 2026 00:48:21 +0000 From: Paul Moses <p@....org> To: netdev@...r.kernel.org Cc: Jamal Hadi Salim <jhs@...atatu.com>, Cong Wang <xiyou.wangcong@...il.com>, Jiri Pirko <jiri@...nulli.us>, "David S . Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, Simon Horman <horms@...nel.org>, linux-kernel@...r.kernel.org, Paul Moses <p@....org> Subject: [PATCH net v2 0/2] net: sched: act_gate: fix update races and infoleak This series fixes act_gate schedule update races by switching to a prepare-then-swap model with an RCU-protected params pointer, so the hrtimer/datapath never observe partially updated or freed schedules. Old params are freed via call_rcu() after the swap. It also zero-initializes the netlink dump struct to prevent padding information leaks, and tightens schedule/timing validation to avoid misprogramming the hrtimer on invalid inputs. Changes since v1: - Drop tc-testing changes; no test updates required - Validation fixes: base/cycle range checks + derived cycle overflow guard - Fix create/update corner cases: avoid oldp deref on create, publish params only after full init, fix partial schedule copy cleanup - Timer handling: cancel/reprogram only when required - Keep dump struct zero-init without unrelated code motion Patches: 1/2 net/sched: act_gate: fix schedule updates with RCU swap 2/2 net/sched: act_gate: zero-initialize netlink dump struct -- 2.52.GIT
Powered by blists - more mailing lists