lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Thu, 26 Mar 2015 17:08:05 +0300
From:	Sergei Shtylyov <sergei.shtylyov@...entembedded.com>
To:	Alexey Kodanev <alexey.kodanev@...cle.com>, netdev@...r.kernel.org
CC:	vasily.isaenko@...cle.com
Subject: Re: [PATCH v2] net: tcp6: fix double call of tcp_v6_fill_cb()

Hello.

On 3/26/2015 11:28 AM, Alexey Kodanev wrote:

> Regression from the following commit: 2dc49d1680.

    Please also specify that commit's summary line in parens.

> tcp_v6_fill_cb() will be called twice if socket's state changes from
> TCP_TIME_WAIT to TCP_LISTEN. That can result in control buffer data
> corruption because in the second tcp_v6_fill_cb() call it's not copying
> IP6CB(skb) anymore, but 'seq', 'end_seq', etc., so we can get weird and
> unpredictable results. Performance loss of up to 1200% has been observed
> in LTP/vxlan03 test.

> This can be fixed by copying inet6_skb_parm to the beginning of 'cb'
> only if xfrm6_policy_check() and tcp_v6_fill_cb() are going to be
> called again.

> Signed-off-by: Alexey Kodanev <alexey.kodanev@...cle.com>

[...]

WBR, Sergei

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists