Date:   Tue, 24 May 2022 11:24:45 +0200
From:   Paolo Abeni <pabeni@...hat.com>
To:     Sam Edwards <cfsworks@...il.com>,
        "David S . Miller" <davem@...emloft.net>,
        Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>,
        David Ahern <dsahern@...nel.org>
Cc:     Linux Network Development Mailing List <netdev@...r.kernel.org>
Subject: Re: [PATCH] ipv6/addrconf: fix timing bug in tempaddr regen

Hello,

On Mon, 2022-05-23 at 14:25 -0600, Sam Edwards wrote:
> The addrconf_verify_rtnl() function uses a big if/elseif/elseif/... block
> to categorize each address by what type of attention it needs.  An
> about-to-expire (RFC 4941) temporary address is one such category, but the
> previous elseif case catches addresses that have already run out their
> prefered_lft.  This means that if addrconf_verify_rtnl() fails to run in
> the necessary time window (i.e. REGEN_ADVANCE time units before the end of
> the prefered_lft), the temporary address will never be regenerated, and no
> temporary addresses will be available until each one's valid_lft runs out
> and manage_tempaddrs() begins anew.
> 
> Fix this by moving the entire temporary address regeneration case higher
> up so that a temporary address cannot be deprecated until it has had an
> opportunity to begin regeneration.  Note that this does not fix the
> problem of addrconf_verify_rtnl() sometimes not running in time resulting
> in the race condition described in RFC 4941 section 3.4 - it only ensures
> that the address is regenerated.

It looks like with this change the tmp addresses will never hit the
DEPRECATED branch ?!?


Thanks!

Paolo
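
The branch-ordering problem discussed in this thread, as an added example that is not part of the original message or of the kernel source: a simplified C model of an if/else-if chain in which the deprecation test either precedes or follows the temporary-address regeneration test. The `regen_started` flag, `verify_pass()` and the lifetimes are assumptions made for illustration; in this model the deprecation branch stays reachable only because the regeneration test stops matching once `regen_started` is set.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model, not kernel code. Ages and lifetimes are in seconds. */
enum action { ACT_NONE, ACT_DELETE, ACT_DEPRECATE, ACT_REGEN };

struct addr {
    unsigned long prefered_lft, valid_lft;
    bool temporary, deprecated;
    bool regen_started; /* hypothetical: a replacement was already created */
};

/* Temporary address inside, or already past, its regeneration window. */
static bool needs_regen(const struct addr *a, unsigned long age, unsigned long adv)
{
    return a->temporary && !a->regen_started && age + adv >= a->prefered_lft;
}

/* One verify pass. regen_first=false models the ordering described as buggy,
 * regen_first=true the ordering after the fix. Applies the chosen action. */
enum action verify_pass(struct addr *a, unsigned long age, unsigned long adv,
                        bool regen_first)
{
    enum action act = ACT_NONE;

    if (age >= a->valid_lft)
        act = ACT_DELETE;
    else if (regen_first && needs_regen(a, age, adv))
        act = ACT_REGEN;
    else if (age >= a->prefered_lft)
        act = a->deprecated ? ACT_NONE : ACT_DEPRECATE;
    else if (needs_regen(a, age, adv))
        act = ACT_REGEN;

    if (act == ACT_REGEN) a->regen_started = true;
    if (act == ACT_DEPRECATE) a->deprecated = true;
    return act;
}

int main(void)
{
    /* Constructed case: prefered_lft=100, valid_lft=200, advance=5; the first
     * pass runs late, at age 120, after the 95..100 window has closed. */
    struct addr old_a = { 100, 200, true, false, false }, new_a = old_a;
    int o = verify_pass(&old_a, 120, 5, false);
    int n = verify_pass(&new_a, 120, 5, true);
    printf("late pass: old ordering -> %d, regen-first ordering -> %d\n", o, n);
    return 0;
}
```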
