| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 7 Jan 2013 12:30:18 +0100
From: Romain KUNTZ <r.kuntz@...lavors.com>
To: nicolas.dichtel@...nd.com
Cc: netdev@...r.kernel.org, Eric Dumazet <eric.dumazet@...il.com>,
yoshfuji@...ux-ipv6.org, davem@...emloft.net,
Romain KUNTZ <r.kuntz@...lavors.com>
Subject: Re: [PATCH 1/2] ipv6: avoid blackhole and prohibited entries upon prefix purge [v2]
Hello Nicolas,
On Jan 7, 2013, at 11:25 , Nicolas Dichtel <nicolas.dichtel@...nd.com> wrote:
> Le 05/01/2013 22:44, Romain KUNTZ a écrit :
>> Mobile IPv6 provokes a kernel Oops since commit 64c6d08e (ipv6:
>> del unreachable route when an addr is deleted on lo), because
>> ip6_route_lookup() may also return blackhole and prohibited
>> entry. However, these entries have a NULL rt6i_table argument,
>> which provokes an Oops in __ip6_del_rt() when trying to lock
>> rt6i_table->tb6_lock.
>>
>> Beside, when purging a prefix, blakhole and prohibited entries
>> should not be selected because they are not what we are looking
>> for.
>>
>> We fix this by adding two new lookup flags (RT6_LOOKUP_F_NO_BLK_HOLE
>> and RT6_LOOKUP_F_NO_PROHIBIT) in order to ensure that such entries
>> are skipped during lookup and that the correct entry is returned.
>>
>> [v2]: use 'goto out;' instead of 'goto again;' to avoid unnecessary
>> oprations on rt (as suggested by Eric Dumazet).
>>
>> Signed-off-by: Romain Kuntz <r.kuntz@...lavors.com>
>> ---
>> include/net/ip6_route.h | 2 ++
>> net/ipv6/addrconf.c | 4 +++-
>> net/ipv6/fib6_rules.c | 4 ++++
>> 3 files changed, 9 insertions(+), 1 deletions(-)
>>
>> diff --git a/include/net/ip6_route.h b/include/net/ip6_route.h
>> index 27d8318..3c93743 100644
>> --- a/include/net/ip6_route.h
>> +++ b/include/net/ip6_route.h
>> @@ -30,6 +30,8 @@ struct route_info {
>> #define RT6_LOOKUP_F_SRCPREF_TMP 0x00000008
>> #define RT6_LOOKUP_F_SRCPREF_PUBLIC 0x00000010
>> #define RT6_LOOKUP_F_SRCPREF_COA 0x00000020
>> +#define RT6_LOOKUP_F_NO_BLK_HOLE 0x00000040
>> +#define RT6_LOOKUP_F_NO_PROHIBIT 0x00000080
>>
>> /*
>> * rt6_srcprefs2flags() and rt6_flags2srcprefs() translate
>> diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
>> index 408cac4a..1891e23 100644
>> --- a/net/ipv6/addrconf.c
>> +++ b/net/ipv6/addrconf.c
>> @@ -948,7 +948,9 @@ static void ipv6_del_addr(struct inet6_ifaddr *ifp)
>> fl6.flowi6_oif = ifp->idev->dev->ifindex;
>> fl6.daddr = prefix;
>> rt = (struct rt6_info *)ip6_route_lookup(net, &fl6,
>> - RT6_LOOKUP_F_IFACE);
>> + RT6_LOOKUP_F_IFACE |
>> + RT6_LOOKUP_F_NO_BLK_HOLE |
>> + RT6_LOOKUP_F_NO_PROHIBIT);
>>
>> if (rt != net->ipv6.ip6_null_entry &&
> Is it not simpler to test the result here (net->ipv6.ip6_blk_hole_entry and
> net->ipv6.ip6_prohibit_entry) like for the null_entry?
> It will also avoid adding more flags.
Your proposal would only solve part of the problem (the Oops in __ip6_del_rt()). Another problem here is that blackhole and prohibited rules should not be selected when trying to purge a prefix (correct me if I'm wrong) because they are not what we are looking for. This can prevent the targeted prefix from being purged.
Thank you,
Romain
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists