| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <06dc2499-c095-4bd4-aee3-a1d0e3ec87c4@gmail.com> Date: Fri, 30 Aug 2024 17:49:50 +0300 From: Julian Wiedmann <jwiedmann.dev@...il.com> To: Florian Westphal <fw@...len.de>, netdev@...r.kernel.org Cc: herbert@...dor.apana.org.au, steffen.klassert@...unet.com, noel@...ilie-kuntze.de, tobias@...ongswan.org Subject: Re: [PATCH ipsec-next 3/4] xfrm: switch migrate to xfrm_policy_lookup_bytype Hi Florian, On 22.08.24 16:04, Florian Westphal wrote: > XFRM_MIGRATE still uses the old lookup method: > first check the bydst hash table, then search the list of all the other > policies. > > Switch MIGRATE to use the same lookup function as the packetpath. > > This is done to remove the last remaining users of the pernet > xfrm.policy_inexact lists with the intent of removing this list. > > After this patch, policies are still added to the list on insertion > and they are rehashed as-needed but no single API makes use of these > anymore. > > This change is compile tested only. > [...] > > - spin_unlock_bh(&net->xfrm.xfrm_policy_lock); > + pol = xfrm_policy_lookup_bytype(net, type, &fl, sel->family, dir, if_id); > + if (IS_ERR_OR_NULL(pol)) > + goto out_unlock; > > - return ret; > + if (!xfrm_pol_hold_rcu(ret)) Coverity spotted that ^^^ needs a s/ret/pol fix-up: > CID 1599386: Null pointer dereferences (FORWARD_NULL) > Passing null pointer "ret" to "xfrm_pol_hold_rcu", which dereferences it. > + pol = NULL; > +out_unlock: > + rcu_read_unlock(); > + return pol; > } >
Powered by blists - more mailing lists