lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20170530135302.5ecaec88@griffin>
Date:   Tue, 30 May 2017 13:53:02 +0200
From:   Jiri Benc <jbenc@...hat.com>
To:     Roopa Prabhu <roopa@...ulusnetworks.com>
Cc:     Mark Bloch <markb@...lanox.com>,
        "davem@...emloft.net" <davem@...emloft.net>,
        pravin shelar <pshelar@....org>,
        Alexander Duyck <aduyck@...antis.com>,
        Nicolas Dichtel <nicolas.dichtel@...nd.com>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        Balki Raman <ramanb@...ulusnetworks.com>
Subject: Re: vxlan: use after free error

On Mon, 29 May 2017 11:37:22 -0700, Roopa Prabhu wrote:
> What you say looks correct..., but does not hurt to leave this check in there..
> given rest of the changes you are proposing below.

I agree with Mark that the check is superfluous and should not be there.

> Looking at git blame, this check was added for OVS in dellink...but it
> could have been because
>  it was being called before stop in dellink.

The code at that time did not use rtnl ops to create/delete the tunnel
and was refactored meanwhile. The conditions from that time do not hold
anymore.

> That seems right. It does look redundant if we hit the same code via
> vxlan_stop during dellink.
> 
> This code is also hit via the OVS path, and i don't see a problem with
> your changes and analysis but i am not too familiar with the ovs call
> path. I see that the relevant developers are CC'ed.

I think it's okay.

Thanks!

 Jiri

Powered by blists - more mailing lists