lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <74cc9cdc-e74b-454f-9091-e39a214f153b@redhat.com>
Date: Tue, 17 Dec 2024 11:32:53 +0100
From: Paolo Abeni <pabeni@...hat.com>
To: Kuniyuki Iwashima <kuniyu@...zon.com>,
 "David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>,
 Jakub Kicinski <kuba@...nel.org>, Simon Horman <horms@...nel.org>
Cc: Kuniyuki Iwashima <kuni1840@...il.com>, netdev@...r.kernel.org
Subject: Re: [PATCH v3 net-next 15/15] socket: Rename sock_create_kern() to
 sock_create_net_noref().

On 12/13/24 10:21, Kuniyuki Iwashima wrote:
> sock_create_kern() is quite a bad name, and the non-netdev folks tend
> to use it without taking care of the netns lifetime.
> 
> Since commit 26abe14379f8 ("net: Modify sk_alloc to not reference count
> the netns of kernel sockets."), TCP sockets created by sock_create_kern()
> have caused many use-after-free.
> 
> Let's rename sock_create_kern() to sock_create_net_noref() and add fat
> documentation so that we no longer introduce the same issue in the future.
> 
> Signed-off-by: Kuniyuki Iwashima <kuniyu@...zon.com>

IMHO the net-benefit/LoC rate for this and the previous one is a bit too
low.

I would avoid the rename, just add the documentation and instead add
some suffix to the sock_create* kernel variant acquiring the netns
reference (sock_create_kern_netref()?)

Thanks,

Paolo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ