lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAM_iQpUXRV6DamR_U1_bvBUBOk6SQ6jF3xLKBpVZrjYE74LXiw@mail.gmail.com>
Date:   Wed, 9 Aug 2017 11:08:30 -0700
From:   Cong Wang <xiyou.wangcong@...il.com>
To:     Gao Feng <gfree.wind@....163.com>
Cc:     xeb@...l.ru, David Miller <davem@...emloft.net>,
        Linux Kernel Network Developers <netdev@...r.kernel.org>
Subject: Re: [PATCH net-next 1/1] driver: pptp: Remove unnecessary statements
 in pptp_sock_destruct

On Wed, Aug 9, 2017 at 8:57 AM,  <gfree.wind@....163.com> wrote:
> From: Gao Feng <gfree.wind@....163.com>
>
> In the commit ddab82821fa6 ("ppp: Fix a scheduling-while-atomic bug in
> del_chan"), I moved the synchronize_rcu() from del_chan() to pptp_release
> after del_chan() to avoid one scheduling-while-atomic bug.
>
> Actually the del_chan() and pppox_unbind_sock are unneccessary in the
> pptp_sock_destruct. Because the pptp sock refcnt wouldn't reach zero until
> sk_state is set as PPPOX_DEAD in pptp_release. By that time, the del_chan()
> and pppox_unbind_sock() have been invoked already and the condition check
> "!(sk->sk_state & PPPOX_DEAD)" of this sock must be false in pptp_sock_destruct.

I am not sure. The check for sock->sk in the beginning of pptp_release()
indicates there could be a case we could skip del_chan() in pptp_release(),
although I can't figure out how.

Also there is a suspicious sock_put() in pptp_release().

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ