lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 29 Sep 2010 20:16:18 -0700 (PDT)
From:	David Miller <davem@...emloft.net>
To:	arno@...isbad.org
Cc:	eric.dumazet@...il.com, herbert@...dor.apana.org.au,
	yoshfuji@...ux-ipv6.org, netdev@...r.kernel.org
Subject: Re: [PATCHv3 net-next-2.6 3/5] XFRM,IPv6: Add IRO src/dst address
 remapping XFRM types and i/o handlers

From: Arnaud Ebalard <arno@...isbad.org>
Date: Wed, 29 Sep 2010 11:05:47 +0200

> +static int mip6_iro_src_reject(struct xfrm_state *x, struct sk_buff *skb, struct flowi *fl)
> +{
> +	int err = 0;
> +
> +	/* XXX We may need some reject handler at some point but it is not
> +	 * critical yet: see xfrm_secpath_reject() in net/xfrm/xfrm_policy.c
> +	 * and aslo what mip6_destopt_reject() implements */
> +
> +	printk("XXX FIXME: mip6_iro_src_reject() called\n");

pr_debug() or pr_err() or get rid of it altogher and use WARN_ON() or
similar.

> +	spin_lock(&x->lock);
> +	if (!ipv6_addr_equal(&iph->daddr, (struct in6_addr *)x->coaddr) &&
> +	    !ipv6_addr_any((struct in6_addr *)x->coaddr))
> +		err = -ENOENT;
> +	spin_unlock(&x->lock);

What are you actually protecting with this lock?  The moment you drop
it the x->coaddr can change which changes the result you should return
here.

I suspect you either don't need the lock, or you need to lock at a higher
level.

> +		printk(KERN_INFO "%s: spi is not 0: %u\n", __func__,

pr_info()

> +		printk(KERN_INFO "%s: state's mode is not %u: %u\n",

pr_info()

> +		       __func__, XFRM_MODE_ROUTEOPTIMIZATION,

Printing decimal values for CPP macro constants does not make log
messages very readable.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ