lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <9c476d12-e494-45b6-a628-3c3871558188@redhat.com>
Date: Thu, 5 Jun 2025 12:47:50 +0200
From: Paolo Abeni <pabeni@...hat.com>
To: Antonio Quartulli <antonio@...nvpn.net>, netdev@...r.kernel.org
Cc: Michal Swiatkowski <michal.swiatkowski@...ux.intel.com>,
 Sabrina Dubroca <sd@...asysnail.net>, "David S . Miller"
 <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>,
 Jakub Kicinski <kuba@...nel.org>
Subject: Re: [PATCH net 0/5] pull request: fixes for ovpn 2025-06-03

On 6/3/25 1:11 PM, Antonio Quartulli wrote:
> Hi netdev-team,
> [2025-06-03: added WRITE_ONCE() to 1/5]
> 
> In this batch you can find the following bug fixes:
> 
> Patch 1: when releasing a UDP socket we were wrongly invoking
> setup_udp_tunnel_sock() with an empty config. This was not
> properly shutting down the UDP encap state.
> With this patch we simply undo what was done during setup.
> 
> Patch 2: ovpn was holding a reference to a 'struct socket'
> without increasing its reference counter. This was intended
> and worked as expected until we hit a race condition where
> user space tries to close the socket while kernel space is
> also releasing it. In this case the (struct socket *)->sk
> member would disappear under our feet leading to a null-ptr-deref.
> This patch fixes this issue by having struct ovpn_socket hold
> a reference directly to the sk member while also increasing
> its reference counter.
> 
> Patch 3: in case of errors along the TCP RX path (softirq)
> we want to immediately delete the peer, but this operation may
> sleep. With this patch we move the peer deletion to a scheduled
> worker.
> 
> Patch 4 and 5 are instead fixing minor issues in the ovpn
> kselftests.
> 
> 
> Please pull or let me know of any issue

For the record, this did not included the customary (and needed) PR
boilerplate with the referenced tree and tag. I grabbed that from the
prior iteration, so no further actions should be needed on your side
(save eventual PEBKAC here), but please check the layout on next
occurrences.

Thanks,

Paolo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ