| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 09 Jul 2017 21:40:43 +0100 (WEST)
From: David Miller <davem@...emloft.net>
To: sowmini.varadhan@...cle.com
Cc: torvalds@...ux-foundation.org, akpm@...ux-foundation.org,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
herbert@...dor.apana.org.au
Subject: Re: [GIT] Networking
From: Sowmini Varadhan <sowmini.varadhan@...cle.com>
Date: Sun, 9 Jul 2017 15:11:31 -0400
> On (07/09/17 11:49), Linus Torvalds wrote:
>>
>> On Sat, Jul 8, 2017 at 3:36 AM, David Miller <davem@...emloft.net> wrote:
>> >
>> > 8) Fix socket leak on accept() in RDS, from Sowmini Varadhan. Also
>> > add a WARN_ON() to sock_graft() so other protocol stacks don't trip
>> > over this as well.
>>
>> Hmm. This one triggers for me on both my desktop and laptop at bootup.
>> Bog-standard machines, running F25 and F24 respectively.
>>
>> The warning doesn't seem particularly useful, although maybe that
>> "alg_accept()" gives people who know this code enough of a clue.
>
> My initial question was whether sock_graft() should do a sock_put()
> before cutting loose the existing parent->sk and assigning a new
> parent->sk (https://www.spinics.net/lists/netdev/msg442191.html)
>
> It look like PF_ALG sets up a ->sk in alg_create() (but this
> would get over-written in alg_accept()?)
>
> Cc'ing Herbert to see if this is expected behavior (and PF_ALG
> somehow does the right thing with the refcount for the ->sk
> set up in alg_create) in which case I suppose we should drop the
> WARN_ON.
I think we've found yet another socket leak, this time in
AF_ALG.
Powered by blists - more mailing lists