lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 7 Jun 2019 17:11:09 -0700
From:   Wei Wang <weiwan@...gle.com>
To:     David Ahern <dsahern@...nel.org>
Cc:     "David S . Miller" <davem@...emloft.net>,
        Linux Kernel Network Developers <netdev@...r.kernel.org>,
        idosch@...lanox.com, Martin KaFai Lau <kafai@...com>,
        Stefano Brivio <sbrivio@...hat.com>,
        David Ahern <dsahern@...il.com>
Subject: Re: [PATCH v3 net-next 09/20] ipv6: Handle all fib6_nh in a nexthop
 in rt6_do_redirect

On Fri, Jun 7, 2019 at 4:06 PM David Ahern <dsahern@...nel.org> wrote:
>
> From: David Ahern <dsahern@...il.com>
>
> Use nexthop_for_each_fib6_nh and fib6_nh_find_match to find the
> fib6_nh in a nexthop that correlates to the device and gateway
> in the rt6_info.
>
> Signed-off-by: David Ahern <dsahern@...il.com>
> ---
>  net/ipv6/route.c | 20 +++++++++++++++++++-
>  1 file changed, 19 insertions(+), 1 deletion(-)
>
> diff --git a/net/ipv6/route.c b/net/ipv6/route.c
> index 2eb6754c6d11..1c6cff699a76 100644
> --- a/net/ipv6/route.c
> +++ b/net/ipv6/route.c
> @@ -3903,7 +3903,25 @@ static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk, struct sk_bu
>         if (!res.f6i)
>                 goto out;
>
> -       res.nh = res.f6i->fib6_nh;
> +       if (res.f6i->nh) {
> +               struct fib6_nh_match_arg arg = {
> +                       .dev = dst->dev,
> +                       .gw = &rt->rt6i_gateway,
> +               };
> +
> +               nexthop_for_each_fib6_nh(res.f6i->nh,
> +                                        fib6_nh_find_match, &arg);
> +
> +               /* fib6_info uses a nexthop that does not have fib6_nh
> +                * using the dst->dev. Should be impossible
> +                */
> +               if (!arg.match)
> +                       return;
I don't think you can directly return here. We are still holding
rcu_read_lock() here. Probably need "goto out"...


> +               res.nh = arg.match;
> +       } else {
> +               res.nh = res.f6i->fib6_nh;
> +       }
> +
>         res.fib6_flags = res.f6i->fib6_flags;
>         res.fib6_type = res.f6i->fib6_type;
>         nrt = ip6_rt_cache_alloc(&res, &msg->dest, NULL);
> --
> 2.11.0
>

Powered by blists - more mailing lists