| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <e8fe542c-80ba-4ca2-a1fa-ec6d29194e81@kernel.org> Date: Mon, 18 Dec 2023 20:22:12 -0700 From: David Ahern <dsahern@...nel.org> To: Kui-Feng Lee <sinquersw@...il.com>, netdev@...r.kernel.org Cc: edumazet@...gle.com, Kui-Feng Lee <thinker.li@...il.com> Subject: Re: [PATCH net] net/ipv6: Revert remove expired routes with a separated list of routes On 12/18/23 7:45 PM, Kui-Feng Lee wrote: > > > On 12/18/23 18:38, David Ahern wrote: >> On 12/18/23 6:14 PM, Kui-Feng Lee wrote: >>> >>> >>> On 12/17/23 10:55, David Ahern wrote: >>>> Revert the remainder of 5a08d0065a915 which added a warn on if a fib >>>> entry is still on the gc_link list, and then revertĀ all of the commit >>>> in the Fixes tag. The commit has some race conditions given how expires >>>> is managed on a fib6_info in relation to timer start, adding the entry >>>> to the gc list and setting the timer value leading to UAF. Revert >>>> the commit and try again in a later release. >>> >>> May I know what your concerns are about the patch I provided? >>> Even I try it again later, I still need to know what I miss and should >>> address. >> >> This is a judgement call based on 6.7-rc number and upcoming holidays >> with people offline. A bug fix is needed for a performance optimization; >> the smart response here is to revert the patch and try again after the >> holidays. > Got it! Thanks! In January, send a new set (RFC if it is still the merge window) with the following: 1. audit all of the uses of RTF_EXPIRES. Some of the places need to be cleaned up first. For example, rt6_add_dflt_router sets RTF_EXPIRES flag but does not set fc_expires. I believe that function can be updated to take the expires value and removes the need to set it later in ndisc_router_discovery. See if the management of expires value can be consolidated under the table lock. 2. Use gc_list instead of gc_link to be consistent with other gc lists (and the fact that it is a list) 3. Add selftests using veth and namespaces to test RAs. It can depend on and check for the existence of the ra or radvd command; the key is to attempt a stress test on the router discovery path. Similarly for addrconf. That is in addition to your new selftests in the last set you sent.
Powered by blists - more mailing lists