| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 9 Nov 2020 14:15:53 -0800
From: Jakub Kicinski <kuba@...nel.org>
To: Thadeu Lima de Souza Cascardo <cascardo@...onical.com>
Cc: Kleber Sacilotto de Souza <kleber.souza@...onical.com>,
Eric Dumazet <edumazet@...gle.com>, netdev@...r.kernel.org,
Gerrit Renker <gerrit@....abdn.ac.uk>,
"David S. Miller" <davem@...emloft.net>,
"Gustavo A. R. Silva" <gustavoars@...nel.org>,
"Alexander A. Klimov" <grandmaster@...klimov.de>,
Kees Cook <keescook@...omium.org>,
Alexey Kodanev <alexey.kodanev@...cle.com>,
dccp@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] dccp: ccid: move timers to struct dccp_sock
On Mon, 9 Nov 2020 18:31:34 -0300 Thadeu Lima de Souza Cascardo wrote:
> > Which paths are those (my memory of this code is waning)? I thought
> > disconnect is only called from the user space side (shutdown syscall).
> > The only other way to terminate the connection is to close the socket,
> > which Eric already fixed by postponing the destruction of ccid in that
> > case.
>
> dccp_v4_do_rcv -> dccp_rcv_established -> dccp_parse_options ->
> dccp_feat_parse_options -> dccp_feat_handle_nn_established ->
> dccp_feat_activate -> __dccp_feat_activate -> dccp_hdlr_ccid ->
> ccid_hc_tx_delete
Well, that's not a disconnect path.
There should be no CCID on a disconnected socket, tho, right? Otherwise
if we can switch from one active CCID to another then reusing a single
timer in struct dccp_sock for both is definitely not safe as I
explained in my initial email.
Powered by blists - more mailing lists