| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20190626122836.508db0ad@redhat.com>
Date: Wed, 26 Jun 2019 12:28:36 +0200
From: Stefano Brivio <sbrivio@...hat.com>
To: Eric Dumazet <edumazet@...gle.com>
Cc: "David S . Miller" <davem@...emloft.net>,
netdev <netdev@...r.kernel.org>,
Eric Dumazet <eric.dumazet@...il.com>,
David Ahern <dsahern@...il.com>,
syzbot <syzkaller@...glegroups.com>
Subject: Re: [PATCH net] ipv4: fix suspicious RCU usage in
fib_dump_info_fnhe()
On Wed, 26 Jun 2019 03:04:50 -0700
Eric Dumazet <edumazet@...gle.com> wrote:
> sysbot reported that we lack appropriate rcu_read_lock()
> protection in fib_dump_info_fnhe()
Thanks for fixing this.
> diff --git a/net/ipv4/route.c b/net/ipv4/route.c
> index 6aee412a68bdd3c24a6a0eb9883e04b7a83998e0..59670fafcd2612b94c237cbe30109adb196cf3f0 100644
> --- a/net/ipv4/route.c
> +++ b/net/ipv4/route.c
> @@ -2872,12 +2872,13 @@ int fib_dump_info_fnhe(struct sk_buff *skb, struct netlink_callback *cb,
> if (nhc->nhc_flags & RTNH_F_DEAD)
> continue;
>
> + rcu_read_lock();
> bucket = rcu_dereference(nhc->nhc_exceptions);
> - if (!bucket)
> - continue;
> -
> - err = fnhe_dump_bucket(net, skb, cb, table_id, bucket, genid,
> - fa_index, fa_start);
> + err = 0;
Could you perhaps move declaration and initialisation of 'err' outside
the block while at it? It looks a bit more readable at this point.
> + if (bucket)
> + err = fnhe_dump_bucket(net, skb, cb, table_id, bucket,
> + genid, fa_index, fa_start);
> + rcu_read_unlock();
> if (err)
> return err;
> }
Either way,
Reviewed-by: Stefano Brivio <sbrivio@...hat.com>
--
Stefano
Powered by blists - more mailing lists