lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <cover.1684887977.git.peilin.ye@bytedance.com> Date: Tue, 23 May 2023 18:16:21 -0700 From: Peilin Ye <yepeilin.cs@...il.com> To: "David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, Jamal Hadi Salim <jhs@...atatu.com>, Cong Wang <xiyou.wangcong@...il.com>, Jiri Pirko <jiri@...nulli.us> Cc: Peilin Ye <peilin.ye@...edance.com>, Daniel Borkmann <daniel@...earbox.net>, John Fastabend <john.fastabend@...il.com>, Vlad Buslov <vladbu@...lanox.com>, Pedro Tammela <pctammela@...atatu.com>, Hillf Danton <hdanton@...a.com>, netdev@...r.kernel.org, linux-kernel@...r.kernel.org, Cong Wang <cong.wang@...edance.com>, Peilin Ye <yepeilin.cs@...il.com> Subject: [PATCH v5 net 0/6] net/sched: Fixes for sch_ingress and sch_clsact Link to v4: https://lore.kernel.org/r/cover.1684825171.git.peilin.ye@bytedance.com/ Link to v3 (incomplete): https://lore.kernel.org/r/cover.1684821877.git.peilin.ye@bytedance.com/ Link to v2: https://lore.kernel.org/r/cover.1684796705.git.peilin.ye@bytedance.com/ Link to v1: https://lore.kernel.org/r/cover.1683326865.git.peilin.ye@bytedance.com/ Hi all, These are v5 fixes for ingress and clsact Qdiscs. Please take another look at patch 1, 2 and 6, thanks! Changes in v5: - for [6/6], reinitialize @q, @p (suggested by Vlad) and @tcm after the "replay:" tag - for [1,2/6], do nothing in ->destroy() if ->parent isn't ffff:fff1, as reported by Pedro Change in v3, v4: - add in-body From: tags Changes in v2: - for [1-5/6], include tags from Jamal and Pedro - for [6/6], as suggested by Vlad, replay the request if the current Qdisc has any ongoing (RTNL-unlocked) filter requests, instead of returning -EBUSY to the user - use Closes: tag as warned by checkpatch [1,2/6]: ingress and clsact Qdiscs should only be created under ffff:fff1 [3/6]: Under ffff:fff1, only create ingress and clsact Qdiscs (for now, at least) [4/6]: After creating ingress and clsact Qdiscs under ffff:fff1, do not graft them again to anywhere else (e.g. as the inner Qdisc of a TBF Qdisc) [5/6]: Prepare for [6/6], do not reuse that for-loop in qdisc_graft() for ingress and clsact Qdiscs [6/6]: Fix use-after-free [a] in mini_qdisc_pair_swap() [a] https://syzkaller.appspot.com/bug?extid=b53a9c0d1ea4ad62da8b Thanks, Peilin Ye (6): net/sched: sch_ingress: Only create under TC_H_INGRESS net/sched: sch_clsact: Only create under TC_H_CLSACT net/sched: Reserve TC_H_INGRESS (TC_H_CLSACT) for ingress (clsact) Qdiscs net/sched: Prohibit regrafting ingress or clsact Qdiscs net/sched: Refactor qdisc_graft() for ingress and clsact Qdiscs net/sched: qdisc_destroy() old ingress and clsact Qdiscs before grafting include/net/sch_generic.h | 8 +++++ net/sched/sch_api.c | 68 ++++++++++++++++++++++++++++----------- net/sched/sch_generic.c | 14 ++++++-- net/sched/sch_ingress.c | 16 +++++++-- 4 files changed, 83 insertions(+), 23 deletions(-) -- 2.20.1
Powered by blists - more mailing lists