lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 30 May 2009 14:07:50 +0200
From:	Jarek Poplawski <jarkao2@...il.com>
To:	jamal <hadi@...erus.ca>
Cc:	Minoru Usui <mi.usui@...il.com>,
	Minoru Usui <usui@....nes.nec.co.jp>, netdev@...r.kernel.org,
	containers@...ts.linux-foundation.org
Subject: Re: [BUG] net_cls: Panic occured when net_cls subsystem use

On Sat, May 30, 2009 at 07:56:34AM -0400, jamal wrote:
> On Sat, 2009-05-30 at 13:45 +0200, Jarek Poplawski wrote:
> 
> > > > >       }
> > > > >
> > > > >       err = tp->ops->change(tp, cl, t->tcm_handle, tca, &fh);
> > > > > -     if (err == 0)
> > > > > +     if (err == 0) {
> > > > > +             if (n->nlmsg_type == RTM_NEWTFILTER &&
> > > > > +                 (n->nlmsg_flags&NLM_F_CREATE)) {
> > 
> > Since "tc filter replace" uses this type and flag too without creating
> > tp, this check is not enough. I guess we could simply use a variable
> > like tp_created etc. 
> 
> It will be superfluos. 
> tp_created is the check
> n->nlmsg_type == RTM_NEWTFILTER && n->nlmsg_flags&NLM_F_CREATE
> replace will be
> n->nlmsg_type == RTM_NEWTFILTER && n->nlmsg_flags & NLM_F_EXCL

Hmm... Probably I miss something, but I've just seen this prink during
tc filter replace with:

err = tp->ops->change();
if (n->nlmsg_type == RTM_NEWTFILTER && (n->nlmsg_flags&NLM_F_CREATE))
	printk(...);

> 
> > Anyway, changing this place looks tricky to me,
> > so maybe it would be safer to do a separate cls_cgroup fix just for
> > -stable, and this one patch for -next only?
> 
> I think they are two separate issues.
> The fact that we dont destroy an allocated tp on failure is an issue
> regardless of what cls_group does. In the case of Minoru's issue
> it is because he is misconfiguring cls_group.

Sure, but we don't want people to get oops in such a case, I guess.

Cheers,
Jarek P.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ