lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20120316.223353.988595838790067214.davem@davemloft.net>
Date:	Fri, 16 Mar 2012 22:33:53 -0700 (PDT)
From:	David Miller <davem@...emloft.net>
To:	gaofeng@...fujitsu.com
Cc:	netdev@...r.kernel.org, eric.dumazet@...il.com
Subject: Re: [PATCH v5] ipv6: Fix problem with expired dst cache

From: Gao feng <gaofeng@...fujitsu.com>
Date: Mon, 5 Mar 2012 15:16:02 +0800

> If the ipv6 dst cache which copy from the dst generated by ICMPV6 RA packet.
> this dst cache will not check expire because it has no RTF_EXPIRES flag.
> So this dst cache will always be used until the dst gc run.
> 
> Change the struct dst_entry,add a union contains new pointer from and expires.
> When rt6_info.rt6i_flags has no RTF_EXPIRES flag,the dst.expires has no use.
> we can use this field to point to where the dst cache copy from.
> The dst.from is only used in IPV6.
> 
> In func rt6_check_expired check if rt6_info.dst.from is expired.
> 
> In func ip6_rt_copy only set dst.from when the ort has flag RTF_ADDRCONF
> and RTF_DEFAULT.then hold the ort.
> 
> In func ip6_dst_destroy release the ort.
> 
> Add some functions to operate the RTF_EXPIRES flag and expires(from) together.
> and change the code to use these new adding functions.
> 
> Signed-off-by: Gao feng <gaofeng@...fujitsu.com>

I see some unprotected access to dst.expires in the router discovery
code in net/ipv6/ndisc.c, doesn't that need to be updated?

There are probably some more similar cases elsewhere in the ipv6 code
too.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ