| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20170903.110436.325862367776935727.davem@davemloft.net> Date: Sun, 03 Sep 2017 11:04:36 -0700 (PDT) From: David Miller <davem@...emloft.net> To: g.nault@...halink.fr Cc: netdev@...r.kernel.org, jchapman@...alix.com Subject: Re: [PATCH net 0/2] l2tp: session creation fixes From: Guillaume Nault <g.nault@...halink.fr> Date: Fri, 1 Sep 2017 17:58:45 +0200 > The session creation process has a few issues wrt. concurrent tunnel > deletion. > > Patch #1 avoids creating sessions in tunnels that are getting removed. > This prevents races where sessions could try to take tunnel resources > that were already released. > > Patch #2 removes some racy l2tp_tunnel_find() calls in session creation > callbacks. Together with path #1 it ensures that sessions can only > access tunnel resources that are guaranteed to remain valid during the > session creation process. > > > There are other problems with how sessions are created: pseudo-wire > specific data are set after the session is added to the tunnel. So > the session can be used, or deleted, before it has been completely > initialised. Separating session allocation from session registration > would be necessary, but we'd still have circular dependencies > preventing race-free registration. I'll consider this issue in future > series. Series applied, thanks.
Powered by blists - more mailing lists