lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20100319155541.731eec28.akpm@linux-foundation.org>
Date:	Fri, 19 Mar 2010 15:55:41 -0700
From:	Andrew Morton <akpm@...ux-foundation.org>
To:	Alexandra.Kossovsky@...etlabs.ru
Cc:	bugzilla-daemon@...zilla.kernel.org,
	bugme-daemon@...zilla.kernel.org, netdev@...r.kernel.org
Subject: Re: [Bugme-new] [Bug 15541] New: POLLIN bit is set when there is
 OOB data only


(switched to email.  Please respond via emailed reply-to-all, not via the
bugzilla web interface).

On Mon, 15 Mar 2010 16:19:43 GMT
bugzilla-daemon@...zilla.kernel.org wrote:

> http://bugzilla.kernel.org/show_bug.cgi?id=15541
> 
>            Summary: POLLIN bit is set when there is OOB data only
>            Product: Networking
>            Version: 2.5
>     Kernel Version: 2.6.28, 2.6.32, 2.6.33
>           Platform: All
>         OS/Version: Linux
>               Tree: Mainline
>             Status: NEW
>           Severity: normal
>           Priority: P1
>          Component: IPV4
>         AssignedTo: shemminger@...ux-foundation.org
>         ReportedBy: Alexandra.Kossovsky@...etlabs.ru
>                 CC: davem@...emloft.net
>         Regression: Yes
> 
> 
> Starting from 2.6.28, Linux kernel has incorrect behaviour when poll() is
> called on TCP socket with out-of-band byte received.
> 
> When TCP socket has OOB byte available (and no normal data), old Linux,
> Solaris, FreeBSD and other systems return POLLPRI bit without POLLRD.  Starting
> from 2.6.28, Linux returns POLLRD | POLLPRI | POLLRDNORM.
> 
> The broken commt is
> http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.28.y.git;a=commitdiff;h=c7004482e8dcb7c3c72666395cfa98a216a4fb70
> .
> Following 1-line patch fixes the problem:
> --- a/net/ipv4/tcp.c 2010-03-15 19:13:45.000000000 +0300
> +++ b/net/ipv4/tcp.c      2010-03-15 19:13:21.000000000 +0300
> @@ -428,7 +428,7 @@
>                 if (tp->urg_seq == tp->copied_seq &&
>                     !sock_flag(sk, SOCK_URGINLINE) &&
>                     tp->urg_data)
> -                       target--;
> +                       target++;
> 
>                 /* Potential race condition. If read of tp below will
>                  * escape above sk->sk_state, we can be illegally awaken
> 

Thanks.

(Please don't send patches via bugzilla - it causes lots of problems with
our usual patch management and review processes.

Please send this patch via email as per Documentation/SubmittingPatches. 
Suitable recipients may be found via scripts/get_maintainer.pl)


--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ