| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 06 Apr 2010 15:55:13 +0300 From: Timo Teräs <timo.teras@....fi> To: Herbert Xu <herbert@...dor.apana.org.au> CC: netdev@...r.kernel.org Subject: Re: [PATCH 2/4] xfrm: cache bundles instead of policies for outgoing flows Herbert Xu wrote: > On Mon, Apr 05, 2010 at 10:00:22AM +0300, Timo Teras wrote: >> @@ -623,33 +618,11 @@ int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl) >> + hlist_for_each_entry_continue(policy, entry, bydst) >> + atomic_inc(&policy->genid); > > Do we still need this since we're invalidating the whole flow > cache? > > The current code is necessary since otherwise the bundles won't > get freed. But with your new code, this is essentially doing > nothing, no? You are right. I completely missed the flushing there. It was just systematic conversion of deleting the bundles to incrementing the genid. Which also makes me think of another issue. The resolver does not get notice if the genid was outdated. So it might end up the old policies from bundle after xfrm_policy_insert(). I think we should explicitly call ops->delete() in flow_cache_lookup if the flow genid was outdated. (I remember actually doing this, but also removing it when I was hunting my the one hlist related corruption bug.) -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists