| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4BB21A85.2030203@iki.fi> Date: Tue, 30 Mar 2010 18:36:37 +0300 From: Timo Teräs <timo.teras@....fi> To: Herbert Xu <herbert@...dor.apana.org.au> CC: netdev@...r.kernel.org Subject: Re: [PATCH 1/7] xfrm: remove policy lock when accessing policy->walk.dead Herbert Xu wrote: > On Tue, Mar 30, 2010 at 05:01:47PM +0300, Timo Teräs wrote: >> Since the exported function xfrm_policy_byid() can result in deletion >> of socket policy, it's safer to leave this change in. This is can be >> even triggered via xfrm_user since it does not check 'dir' for the >> policy expired message it handles. Any custom module could do similar >> harm. > > That's a bug. Socket policies should never be deleted by anyone > other than the socket owner through a setsockopt. Ok. I can remove the change to xfrm_sk_policy_insert() if you want. I only added it because it's non-trivial to figure out if there's any code path that could race. It's a great help for reader of the code to see that it's correct even if it's not strictly needed. My initial feeling is that the change produces better code as the original 'old_pol' does not have to get stored and restored. I'm fine either way. I will also include a patch to fix the missing 'dir' check in xfrm_user. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists