| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20180719074520.i4wnyas7nipyteyc@gauss3.secunet.de>
Date: Thu, 19 Jul 2018 09:45:20 +0200
From: Steffen Klassert <steffen.klassert@...unet.com>
To: Benedict Wong <benedictwong@...gle.com>
CC: <netdev@...r.kernel.org>, <nharold@...gle.com>,
<lorenzo@...gle.com>
Subject: Re: [RFC ipsec-next] xfrm: Remove xfrmi interface ID from flowi
On Tue, Jul 17, 2018 at 02:40:04PM -0700, Benedict Wong wrote:
> @@ -2301,6 +2322,13 @@ int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb,
> int reverse;
> struct flowi fl;
> int xerr_idx = -1;
> + const struct xfrm_if_cb *ifcb;
> + struct xfrm_if *xi;
> + u32 if_id = 0;
> +
> + rcu_read_lock();
> + ifcb = xfrm_if_get_cb();
> + rcu_read_unlock();
>
> reverse = dir & ~XFRM_POLICY_MASK;
> dir &= XFRM_POLICY_MASK;
> @@ -2325,10 +2353,16 @@ int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb,
> }
> }
>
> + if (ifcb) {
> + xi = ifcb->decode_session(skb);
> + if (xi)
> + if_id = xi->p.if_id;
> + }
The usage of the ifcb pointer should go into the
rcu_read_lock section above.
Looks good otherwise, nice improvement.
Please respin and do an official submission of this
patch, I'd like to merge it before I send the pull
request for the ipsec-next tree.
Powered by blists - more mailing lists