lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <e4948ab7-0f3b-a4f5-52ea-853a987f1abb@cumulusnetworks.com>
Date:   Mon, 18 Dec 2017 16:23:55 +0200
From:   Nikolay Aleksandrov <nikolay@...ulusnetworks.com>
To:     Toshiaki Makita <makita.toshiaki@....ntt.co.jp>,
        netdev@...r.kernel.org
Cc:     roopa@...ulusnetworks.com, davem@...emloft.net,
        stephen@...workplumber.org, avagin@...il.com,
        bridge@...ts.linux-foundation.org
Subject: Re: [PATCH net] net: bridge: fix early call to
 br_stp_change_bridge_id

On 12/18/2017 04:22 PM, Nikolay Aleksandrov wrote:
> On 12/18/2017 04:24 AM, Toshiaki Makita wrote:
>> On 2017/12/16 20:31, Nikolay Aleksandrov wrote:
> [snip]
>> ...
>>>  	err = br_changelink(dev, tb, data, extack);
>>> -	if (err)
>>> +	if (err) {
>>> +		/* clean possible fdbs from br_stp_change_bridge_id above */
>>> +		br_fdb_delete_by_port(br, NULL, 0, 1);
>>
>> Don't we need to call br_dev_delete (br_link_ops.dellink) after
>> successful register instead of br_fdb_delete?
>> Particularly I'm wondering if not calling br_sysfs_delbr() is ok or not.
>>
> 
> Funny, that is actually the only reason we need to call it (br_sysfs_delbr). :-)
> 
> Good catch, that is another leak - the bridge sysfs entries are registered when
> NETDEV_REGISTER event happens (register_netdevice) but are not properly cleaned up
> on error there. This has also been present since the introduction of changelink
> during newlink, commit:
>  b6677449dff6 ("bridge: netlink: call br_changelink() during br_dev_newlink()")

err, since the changelink was fixed to be after device registration in commit:
 5b8d5429daa0 ("bridge: netlink: register netdevice before executing changelink")

> 
> I'll send v2 that does br_dev_delete(dev, NULL) instead of the current cleanup.
> With kobject debug enabled and that I can see "brif" and the rest of the sysfs
> files getting freed properly, while before they weren't.
> 
> Thanks,
>  Nik
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ