lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	12 Jul 2010 21:50:29 -0400
From:	"George Spelvin" <linux@...izon.com>
To:	timo.teras@....fi
Cc:	davem@...emloft.net, linux@...izon.com, netdev@...r.kernel.org
Subject: Re: [REGRESSION,BISECTED] Panic on ifup

> And here goes the patch (which I've only compile tested so far).

That does indeed fix it!  Also applies and works with -rc5.
Please queue for -rc6.  (Unless you want to tweak the patch a bit;
I haven't done any sort of code review on it.)

Tested-by: George Spelvin <linux@...izon.com>

> diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
> index af1c173..200f8d7 100644
> --- a/net/xfrm/xfrm_policy.c
> +++ b/net/xfrm/xfrm_policy.c
> @@ -1598,7 +1598,8 @@ xfrm_resolve_and_create_bundle(struct xfrm_policy
> **pols, int num_pols,
>  		if (err != -EAGAIN)
>  			XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTPOLERROR);
>  		return ERR_PTR(err);
> -	}
> +	} else if (err == 0)
> +		return NULL;
> 
>  	dst = xfrm_bundle_create(pols[0], xfrm, err, fl, dst_orig);
>  	if (IS_ERR(dst)) {

This could be simplified to (if you want; it's smaller but uglier)

	if (err <= 0) {
		if (err != 0 && err != -EAGAIN)
			XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTPOLERROR);
		return ERR_PTR(err);	/* Correctly returns NULL if err == 0 */
	}

> @@ -1678,6 +1679,13 @@ xfrm_bundle_lookup(struct net *net, struct flowi
> *fl, u16 family, u8 dir,
>  			goto make_dummy_bundle;
>  		dst_hold(&xdst->u.dst);
>  		return oldflo;
> +	} else if (new_xdst == NULL) {
> +		num_xfrms = 0;
> +		if (oldflo == NULL)
> +			goto make_dummy_bundle;
> +		xdst->num_xfrms = 0;
> +		dst_hold(&xdst->u.dst);
> +		return oldflo;
>  	}
> 
>  	/* Kill the previous bundle */

This I'm having a hard time simplifying.  It resembles the previous
block, but not enough.

> @@ -1760,6 +1768,10 @@ restart:
>  				xfrm_pols_put(pols, num_pols);
>  				err = PTR_ERR(xdst);
>  				goto dropdst;
> +			} else if (xdst == NULL) {
> +				num_xfrms = 0;
> +				drop_pols = num_pols;
> +				goto no_transform;
>  			}
> 
>  			spin_lock_bh(&xfrm_policy_sk_bundle_lock);
> 

I see two nearby tests for xdst == NULL ("To accelerate a bit..."); I take it
they can't be combined?
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ