| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20170508073018.27380-1-ilant@mellanox.com>
Date: Mon, 8 May 2017 10:30:18 +0300
From: <ilant@...lanox.com>
To: David Miller <davem@...emloft.net>,
Steffen Klassert <steffen.klassert@...unet.com>
CC: Boris Pismenny <borisp@...lanox.com>, <netdev@...r.kernel.org>,
Ilan Tayari <ilant@...lanox.com>
Subject: [PATCH net] xfrm: Fix NETDEV_DOWN with IPSec offload
From: Ilan Tayari <ilant@...lanox.com>
Upon NETDEV_DOWN event, all xfrm_state objects which are bound to
the device are flushed.
The condition for this is wrong, though, testing dev->hw_features
instead of dev->features. If a device has non-user-modifiable
NETIF_F_HW_ESP, then its xfrm_state objects are not flushed,
causing a crash later on after the device is deleted.
Check dev->features instead of dev->hw_features.
Signed-off-by: Ilan Tayari <ilant@...lanox.com>
Acked-by: Steffen Klassert <steffen.klassert@...unet.com>
---
net/xfrm/xfrm_device.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/xfrm/xfrm_device.c b/net/xfrm/xfrm_device.c
index 8ec8a3fcf8d4..574e6f32f94f 100644
--- a/net/xfrm/xfrm_device.c
+++ b/net/xfrm/xfrm_device.c
@@ -170,7 +170,7 @@ static int xfrm_dev_feat_change(struct net_device *dev)
static int xfrm_dev_down(struct net_device *dev)
{
- if (dev->hw_features & NETIF_F_HW_ESP)
+ if (dev->features & NETIF_F_HW_ESP)
xfrm_dev_state_flush(dev_net(dev), dev, true);
xfrm_garbage_collect(dev_net(dev));
--
2.11.0
Powered by blists - more mailing lists