lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 5 Jul 2017 09:40:36 -0700
From:   Cong Wang <xiyou.wangcong@...il.com>
To:     Jamie Bainbridge <jamie.bainbridge@...il.com>
Cc:     Linux Kernel Network Developers <netdev@...r.kernel.org>,
        Andrey Wagin <avagin@...il.com>, Kaiwen Xu <kaiwen.xu@...u.com>
Subject: Re: [Patch net] tcp: reset sk_rx_dst in tcp_disconnect()

On Tue, Jul 4, 2017 at 11:54 PM, Jamie Bainbridge
<jamie.bainbridge@...il.com> wrote:
> On 25 June 2017 at 16:50, Cong Wang <xiyou.wangcong@...il.com> wrote:
>> We have to reset the sk->sk_rx_dst when we disconnect a TCP
>> connection, because otherwise when we re-connect it this
>> dst reference is simply overridden in tcp_finish_connect().
>>
>> This fixes a dst leak which leads to a loopback dev refcnt
>> leak. It is a long-standing bug, Kevin reported a very similar
>> (if not same) bug before. Thanks to Andrei for providing such
>> a reliable reproducer which greatly narrows down the problem.
>>
>> Fixes: 41063e9dd119 ("ipv4: Early TCP socket demux.")
>> Reported-by: Andrei Vagin <avagin@...il.com>
>> Reported-by: Kevin Xu <kaiwen.xu@...u.com>
>> Signed-off-by: Cong Wang <xiyou.wangcong@...il.com>
>
> Are you able to supply the reproducer for this?
>
> I did search for a previous thread about it but could not find.

Here it is:
http://marc.info/?l=linux-kernel&m=149825461307610&w=2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ