lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Fri, 11 Sep 2020 08:50:41 +0200
From:   Oleksij Rempel <o.rempel@...gutronix.de>
To:     Zhang Changzhong <zhangchangzhong@...wei.com>
Cc:     robin@...tonic.nl, linux@...pel-privat.de, kernel@...gutronix.de,
        socketcan@...tkopp.net, mkl@...gutronix.de, davem@...emloft.net,
        kuba@...nel.org, linux-can@...r.kernel.org, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH net] can: j1939: j1939_sk_bind(): return failure if
 netdev is down

On Mon, Sep 07, 2020 at 02:31:48PM +0800, Zhang Changzhong wrote:
> When a netdev down event occurs after a successful call to
> j1939_sk_bind(), j1939_netdev_notify() can handle it correctly.
> 
> But if the netdev already in down state before calling j1939_sk_bind(),
> j1939_sk_release() will stay in wait_event_interruptible() blocked
> forever. Because in this case, j1939_netdev_notify() won't be called and
> j1939_tp_txtimer() won't call j1939_session_cancel() or other function
> to clear session for ENETDOWN error, this lead to mismatch of
> j1939_session_get/put() and jsk->skb_pending will never decrease to
> zero.
> 
> To reproduce it use following commands:
> 1. ip link add dev vcan0 type vcan
> 2. j1939acd -r 100,80-120 1122334455667788 vcan0
> 3. presses ctrl-c and thread will be blocked forever
> 
> This patch adds check for ndev->flags in j1939_sk_bind() to avoid this
> kind of situation and return with -ENETDOWN.
> 
> Fixes: 9d71dd0c7009 ("can: add support of SAE J1939 protocol")
> Signed-off-by: Zhang Changzhong <zhangchangzhong@...wei.com>

Acked-by: Oleksij Rempel <o.rempel@...gutronix.de>

Thank you!

> ---
>  net/can/j1939/socket.c | 6 ++++++
>  1 file changed, 6 insertions(+)
> 
> diff --git a/net/can/j1939/socket.c b/net/can/j1939/socket.c
> index 1be4c89..f239665 100644
> --- a/net/can/j1939/socket.c
> +++ b/net/can/j1939/socket.c
> @@ -475,6 +475,12 @@ static int j1939_sk_bind(struct socket *sock, struct sockaddr *uaddr, int len)
>  			goto out_release_sock;
>  		}
>  
> +		if (!(ndev->flags & IFF_UP)) {
> +			dev_put(ndev);
> +			ret = -ENETDOWN;
> +			goto out_release_sock;
> +		}
> +
>  		priv = j1939_netdev_start(ndev);
>  		dev_put(ndev);
>  		if (IS_ERR(priv)) {
> -- 
> 2.9.5
> 
> 

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ