| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAJD3hpUgNJPOqGmAp7tEaY2+EnOasG=W6VLOMbEhDRgr8M5v8A@mail.gmail.com>
Date: Wed, 7 Sep 2016 18:55:52 -0700
From: Jojy Varghese <jojy.varghese@...il.com>
To: netdev@...r.kernel.org
Cc: davem@...emloft.net
Subject: [PATCH] net_namespace: fixed net_device reference leak
During namespace cleanup, if ‘dst’ subsystem is holding
a reference to the loopback interface in the namespace, it does not get
released. This is because in the case where the net_device held by 'dst'
is same as the namespace's loopback net_device, current code first
does a ’dev_hold’ on the same device followed by a ‘dev_put’ on the
same device resulting in a no-op.
This change fixes this leak by assigning the initial namespace’s loopback
device to the ‘dst’’ before releasing the reference to the network device
being unregistered.
Additional reference: https://github.com/docker/docker/issues/5618
Signed-off-by: Jojy G Varghese <jojy.varghese@...il.com>
---
net/core/dst.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/core/dst.c b/net/core/dst.c
index a1656e3..a18e8ea 100644
--- a/net/core/dst.c
+++ b/net/core/dst.c
@@ -433,7 +433,7 @@ static void dst_ifdown(struct dst_entry *dst,
struct net_device *dev,
dst->input = dst_discard;
dst->output = dst_discard_out;
} else {
- dst->dev = dev_net(dst->dev)->loopback_dev;
+ dst->dev = init_net.loopback_dev;
dev_hold(dst->dev);
dev_put(dev);
}
--
1.8.3.1
Powered by blists - more mailing lists