| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <m11v801tfr.fsf@fess.ebiederm.org> Date: Fri, 08 Oct 2010 10:32:40 -0700 From: ebiederm@...ssion.com (Eric W. Biederman) To: David Miller <davem@...emloft.net> Cc: hans.schillstrom@...csson.com, daniel.lezcano@...e.fr, netdev@...r.kernel.org Subject: Re: BUG ? ipip unregister_netdevice_many() David Miller <davem@...emloft.net> writes: > From: ebiederm@...ssion.com (Eric W. Biederman) > Date: Fri, 08 Oct 2010 09:45:15 -0700 > >> My hunch is that we have dst entry problems, as I know those hop network >> interfaces when we destroy network devices, but I have seen weird issues >> with the route cache as well. > > While we're on this topic, can someone explain to me what the special > CONFIG_NET_NS code in net/ipv4/route.c:rt_do_flush() is trying to > accomplish? > > If the issue is that there is an implicit ordering of releasing of > 'dst' entries that must be maintained, we really ought to formalize > it (f.e. with dependency pointers or something like that). It is just dealing with not flushing the entire routing cache, just the routes that have expired. Which prevents one network namespace from flushing it's routes and DOS'ing another. The practical consequence is that the hash chains have to be picked apart with some entries kept and some released based upon rt_is_expired(). I went through it a year or so ago with a fine tooth comb and it made sense and seems correct, but it does seem overly convoluted. Eric -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists