| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1316419052.2539.1.camel@edumazet-HP-Compaq-6005-Pro-SFF-PC> Date: Mon, 19 Sep 2011 09:57:31 +0200 From: Eric Dumazet <eric.dumazet@...il.com> To: Tim Chen <tim.c.chen@...ux.intel.com> Cc: David Miller <davem@...emloft.net>, zheng.z.yan@...ux.intel.com, zheng.z.yan@...el.com, netdev@...r.kernel.org, sfr@...b.auug.org.au, jirislaby@...il.com, sedat.dilek@...il.com, alex.shi@...el.com Subject: Re: [PATCH -next v2] unix stream: Fix use-after-free crashes Le vendredi 16 septembre 2011 à 09:50 -0700, Tim Chen a écrit : > On Fri, 2011-09-16 at 19:35 -0400, David Miller wrote: > > From: Eric Dumazet <eric.dumazet@...il.com> > > Date: Wed, 07 Sep 2011 04:55:26 +0200 > > > > > Please David just revert 0856a304091b33a8e > > > > Done. > > Eric, > > Can you re-spin a patch that incorporates your idea that we don't > add pid/credential references when we are not requesting credentials > in the socket. And probably another one that remove unnecessary > pid/credentials references in send/receive when we do use credentials? Sure, I did it this morning, please review it if you have some time. If we find a regression (some popular app doing write() and expecting credential to be sent to receiver), we could test the SOCK_PASSCRED flag on receiver socket. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists