lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 12 Sep 2023 16:01:58 +0000
From: Eric Dumazet <edumazet@...gle.com>
To: "David S . Miller" <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>, 
	Paolo Abeni <pabeni@...hat.com>
Cc: David Ahern <dsahern@...nel.org>, netdev@...r.kernel.org, eric.dumazet@...il.com, 
	Eric Dumazet <edumazet@...gle.com>
Subject: [PATCH net-next 00/14] ipv6: round of data-races fixes

This series is inspired by one related syzbot report.

Many inet6_sk(sk) fields reads or writes are racy.

Move 1-bit fields to inet->inet_flags to provide
atomic safety. inet6_{test|set|clear|assign}_bit() helpers
could be changed later if we need to make room in inet_flags.

Also add missing READ_ONCE()/WRITE_ONCE() when
lockless readers need access to specific fields.

np->srcprefs will be handled separately to avoid merge conflicts
because a prior patch was posted for net tree.

Eric Dumazet (14):
  ipv6: lockless IPV6_UNICAST_HOPS implementation
  ipv6: lockless IPV6_MULTICAST_LOOP implementation
  ipv6: lockless IPV6_MULTICAST_HOPS implementation
  ipv6: lockless IPV6_MTU implementation
  ipv6: lockless IPV6_MINHOPCOUNT implementation
  ipv6: lockless IPV6_RECVERR_RFC4884 implementation
  ipv6: lockless IPV6_MULTICAST_ALL implementation
  ipv6: lockless IPV6_AUTOFLOWLABEL implementation
  ipv6: lockless IPV6_DONTFRAG implementation
  ipv6: lockless IPV6_RECVERR implemetation
  ipv6: move np->repflow to atomic flags
  ipv6: lockless IPV6_ROUTER_ALERT_ISOLATE implementation
  ipv6: lockless IPV6_MTU_DISCOVER implementation
  ipv6: lockless IPV6_FLOWINFO_SEND implementation

 include/linux/ipv6.h            |  49 +++----
 include/net/inet_sock.h         |  10 ++
 include/net/ip6_route.h         |  14 +-
 include/net/ipv6.h              |  16 +--
 include/net/sock.h              |   2 +-
 include/net/xfrm.h              |   2 +-
 net/core/sock.c                 |   4 +-
 net/dccp/ipv6.c                 |   8 +-
 net/ipv4/ping.c                 |   5 +-
 net/ipv6/af_inet6.c             |   9 +-
 net/ipv6/datagram.c             |  15 +--
 net/ipv6/icmp.c                 |   4 +-
 net/ipv6/ip6_flowlabel.c        |   8 +-
 net/ipv6/ip6_output.c           |  42 +++---
 net/ipv6/ipv6_sockglue.c        | 223 +++++++++++++++-----------------
 net/ipv6/mcast.c                |   4 +-
 net/ipv6/ndisc.c                |   4 +-
 net/ipv6/ping.c                 |   4 +-
 net/ipv6/raw.c                  |  16 +--
 net/ipv6/tcp_ipv6.c             |  21 ++-
 net/ipv6/udp.c                  |  12 +-
 net/l2tp/l2tp_ip6.c             |   6 +-
 net/netfilter/ipvs/ip_vs_sync.c |  12 +-
 net/sctp/ipv6.c                 |   7 +-
 24 files changed, 238 insertions(+), 259 deletions(-)

-- 
2.42.0.283.g2d96d420d3-goog

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ