lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <e8fe542c-80ba-4ca2-a1fa-ec6d29194e81@kernel.org>
Date: Mon, 18 Dec 2023 20:22:12 -0700
From: David Ahern <dsahern@...nel.org>
To: Kui-Feng Lee <sinquersw@...il.com>, netdev@...r.kernel.org
Cc: edumazet@...gle.com, Kui-Feng Lee <thinker.li@...il.com>
Subject: Re: [PATCH net] net/ipv6: Revert remove expired routes with a
 separated list of routes

On 12/18/23 7:45 PM, Kui-Feng Lee wrote:
> 
> 
> On 12/18/23 18:38, David Ahern wrote:
>> On 12/18/23 6:14 PM, Kui-Feng Lee wrote:
>>>
>>>
>>> On 12/17/23 10:55, David Ahern wrote:
>>>> Revert the remainder of 5a08d0065a915 which added a warn on if a fib
>>>> entry is still on the gc_link list, and then revertĀ  all of the commit
>>>> in the Fixes tag. The commit has some race conditions given how expires
>>>> is managed on a fib6_info in relation to timer start, adding the entry
>>>> to the gc list and setting the timer value leading to UAF. Revert
>>>> the commit and try again in a later release.
>>>
>>> May I know what your concerns are about the patch I provided?
>>> Even I try it again later, I still need to know what I miss and should
>>> address.
>>
>> This is a judgement call based on 6.7-rc number and upcoming holidays
>> with people offline. A bug fix is needed for a performance optimization;
>> the smart response here is to revert the patch and try again after the
>> holidays.
> Got it! Thanks!

In January, send a new set (RFC if it is still the merge window) with
the following:

1. audit all of the uses of RTF_EXPIRES. Some of the places need to be
cleaned up first. For example, rt6_add_dflt_router sets RTF_EXPIRES flag
but does not set fc_expires. I believe that function can be updated to
take the expires value and removes the need to set it later in
ndisc_router_discovery. See if the management of expires value can be
consolidated under the table lock.

2. Use gc_list instead of gc_link to be consistent with other gc lists
(and the fact that it is a list)

3. Add selftests using veth and namespaces to test RAs. It can depend on
and check for the existence of the ra or radvd command; the key is to
attempt a stress test on the router discovery path. Similarly for addrconf.

That is in addition to your new selftests in the last set you sent.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ