Message-ID: <CAM_iQpVrckjFViizKZH+S=8GC_3T5Gm1vTAUeFkpmqJ_A66x1Q@mail.gmail.com>
Date: Mon, 3 Feb 2020 12:33:30 -0800
From: Cong Wang <xiyou.wangcong@...il.com>
To: Dan Carpenter <dan.carpenter@...cle.com>
Cc: Jamal Hadi Salim <jhs@...atatu.com>, Jiri Pirko <jiri@...nulli.us>,
"David S. Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>,
Mohit Bhasi <mohitbhasi1998@...il.com>,
"Mohit P. Tahiliani" <tahiliani@...k.edu.in>,
"V. Saicharan" <vsaicharan1998@...il.com>,
Gautam Ramakrishnan <gautamramk@...il.com>,
Linux Kernel Network Developers <netdev@...r.kernel.org>,
kernel-janitors@...r.kernel.org
Subject: Re: [PATCH net] net: sched: prevent a use after free

On Mon, Feb 3, 2020 at 11:58 AM Cong Wang <xiyou.wangcong@...il.com> wrote:
>
> On Mon, Feb 3, 2020 at 12:39 AM Dan Carpenter <dan.carpenter@...cle.com> wrote:
> > Why is that better?
>
> Because it is designed to be used in this scenario,
> as it defers the free after RTNL unlock which is after
> sch_tree_unlock() too.

Just in case of misunderstanding: I am _not_ suggesting to
use rtnl_kfree_skbs() to work around this use-after-free,
rtnl_kfree_skbs() still has to be called after qdisc_pkt_len(),
at least for readability, despite that it could indeed
work around the bug.

Thanks.