lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:	Mon, 01 Oct 2007 10:42:45 -0600
From:	ebiederm@...ssion.com (Eric W. Biederman)
To:	Patrick McHardy <kaber@...sh.net>
Cc:	"Denis V. Lunev" <dlunev@...il.com>,
	"Denis V. Lunev" <den@...nvz.org>, davem@...emloft.net,
	netdev@...r.kernel.org
Subject: Re: [PATCH] memory leak in netlink user->kernel processing

Patrick McHardy <kaber@...sh.net> writes:

> Denis V. Lunev wrote:
>> By the way, Patrick, this looks like nlk->pid == 0 if and only if this
>> is a kernel socket. Right?
>>
>
> Thats correct.
>
>> I have told with Alexey Kuznetsov and we have discrovered a way to get
>> rid of
>>         skb_queue_tail(&sk->sk_receive_queue, skb);
>>         sk->sk_data_ready(sk, len);
>> in netlink_sendskb/etc for kernel sockets and make user->kernel packets
>> processing truly synchronous.
>>
>> The idea is simple, we should queue/wakeup in kernel->user direction and
>> simply call nlk->data_ready for user->kernel direction. This will remove
>> all the crap we have now. But we need a mark to determine the direction.
>> Which one will be better? (nlk->data_ready) or (nlk->pid == 0)
>
>
> Both would work fine, but I think nlk->pid is better since its
> actually the "address".

Maybe.  nlk->pid is also 0, before the socket is bound so it does
not serve as a reliable indicator that you have a kernel socket.

My gut feel says the best test is:
(nlk->flags & NETLINK_KERNEL_SOCKET)

There is no confusion in that and it is dead obvious what we
are testing for.  Although we do still need to properly handle
the case when netlink_kernel_create is called with a NULL
input method.  As long as get the proper -ECONNREFUSED the
code path doesn't look like it matters.

Eric

-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists