| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20100609180718.GA19804@dvomlehn-lnx2.corp.sa.net> Date: Wed, 9 Jun 2010 11:07:18 -0700 From: David VomLehn <dvomlehn@...co.com> To: Andi Kleen <andi@...stfloor.org> Cc: netdev@...r.kernel.org Subject: Re: [PATCH][RFC] Check sk_buff states On Wed, Jun 09, 2010 at 02:14:06AM -0500, Andi Kleen wrote: > David VomLehn <dvomlehn@...co.com> writes: > > > > Some of the errors that can be detected are: > > o Double-freeing an skb_buff > > slab debugging should already catch that (although at higher cost) There is a sublety here--if skb_clone() is used, skb_free() isn't necessarily called until both parts of the cloned sk_buff are no longer used. But it's not just that the double free is called, it's that you also know where the first free is located. This turns out to be very valuable. > I would say the big question is how many bugs such a new infrastructure > find. Did you find any? Definitely. I've heard back about two cases. One of them was especially gratifying because it has a control case. Two people were looking for the same bug and found it within hours of each other. One person, who didn't have the code enabled, took three weeks. The other person enabled the code. It took him three hours to find the problem. So, our networking people have been very happy to have this. > -Andi -- David VL -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists