| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <7ef820fa-71e1-b479-cfe4-affd230ef143@gmail.com>
Date: Wed, 21 Mar 2018 08:03:44 -0700
From: Eric Dumazet <erdnetdev@...il.com>
To: Yonghong Song <yhs@...com>, edumazet@...gle.com, ast@...com,
daniel@...earbox.net, diptanu@...com, netdev@...r.kernel.org
Cc: kernel-team@...com
Subject: Re: [PATCH net-next v4 2/2] net: bpf: add a test for skb_segment in
test_bpf module
On 03/20/2018 11:47 PM, Yonghong Song wrote:
...
+
> +static __init int test_skb_segment(void)
> +{
> + netdev_features_t features;
> + struct sk_buff *skb;
> + int ret = -1;
> +
> + features = NETIF_F_SG | NETIF_F_GSO_PARTIAL | NETIF_F_IP_CSUM |
> + NETIF_F_IPV6_CSUM;
> + features |= NETIF_F_RXCSUM;
> + skb = build_test_skb();
> + if (!skb) {
> + pr_info("%s: failed to build_test_skb", __func__);
> + goto done;
> + }
> +
> + if (skb_segment(skb, features)) {
> + ret = 0;
> + pr_info("%s: success in skb_segment!", __func__);
> + } else {
> + pr_info("%s: failed in skb_segment!", __func__);
> + }
If skb_segmen() was successful skb was already freed.
kfree_skb(old_skb) should thus panic the box, if you run this code
on a kernel having some debugging features like KASAN
So if you do not store in a variable the return of skb_segment(),
you can not properly free memory.
> + kfree_skb(skb);
> +done:
> + return ret;
> +}
> +
>
Please make sure to fully test this code.
Powered by blists - more mailing lists