lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 14 Sep 2021 10:55:49 -0700 From: Eric Dumazet <eric.dumazet@...il.com> To: Jakub Kicinski <kuba@...nel.org>, Eric Dumazet <eric.dumazet@...il.com> Cc: willemb@...gle.com, netdev@...r.kernel.org Subject: Re: [RFC net] net: stream: don't purge sk_error_queue without holding its lock On 9/14/21 9:56 AM, Jakub Kicinski wrote: > Right, but then inet_sock_destruct() also purges the err queue, again. > I was afraid of regressions but we could just remove the purging > from sk_stream_kill_queues(), and target net-next? > Yes, this would be the safest thing. >> If you think there is a bug, it must be fixed in another way. >> >> IMO, preventing err packets from a prior session being queued after a tcp_disconnect() >> is rather hard. We should not even try (packets could be stuck for hours in a qdisc) > > Indeed, we could rearrange the SOCK_DEAD check in sock_queue_err_skb() > to skip queuing and put it under the err queue lock (provided we make > sk_stream_kill_queues() take that lock as well). But seems like an > overkill. I'd lean towards the existing patch or removing the purge from > sk_stream_kill_queues(). LMK what you prefer, this is not urgent. > The issue would really about the tcp_disconnect() case, followed by a reuse of the socket to establish another session. In order to prevent polluting sk_error_queue with notifications triggered by old packets (from prior flow), this would require to record the socket cookie in skb, or something like that :/
Powered by blists - more mailing lists