lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250812155245.507012-3-sdf@fomichev.me>
Date: Tue, 12 Aug 2025 08:52:40 -0700
From: Stanislav Fomichev <sdf@...ichev.me>
To: netdev@...r.kernel.org
Cc: davem@...emloft.net,
	edumazet@...gle.com,
	kuba@...nel.org,
	pabeni@...hat.com,
	ayush.sawal@...lsio.com,
	andrew+netdev@...n.ch,
	gregkh@...uxfoundation.org,
	horms@...nel.org,
	dsahern@...nel.org,
	pablo@...filter.org,
	kadlec@...filter.org,
	steffen.klassert@...unet.com,
	sdf@...ichev.me,
	mhal@...x.co,
	abhishektamboli9@...il.com,
	linux-kernel@...r.kernel.org,
	linux-staging@...ts.linux.dev,
	netfilter-devel@...r.kernel.org,
	coreteam@...filter.org,
	herbert@...dor.apana.org.au
Subject: [PATCH net-next 2/7] xfrm: Switch to skb_dst_reset to clear dst_entry

Going forward skb_dst_set will assert that skb dst_entry
is empty during skb_dst_set. skb_dst_reset is added to reset
existing entry without doing refcnt. Switch to skb_dst_reset
in __xfrm_route_forward and add a comment on why it's safe
to skip skb_dst_restore.

Signed-off-by: Stanislav Fomichev <sdf@...ichev.me>
---
 net/xfrm/xfrm_policy.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index c5035a9bc3bb..a5ffe26b64d5 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -3881,12 +3881,18 @@ int __xfrm_route_forward(struct sk_buff *skb, unsigned short family)
 	}
 
 	skb_dst_force(skb);
-	if (!skb_dst(skb)) {
+	dst = skb_dst(skb);
+	if (!dst) {
 		XFRM_INC_STATS(net, LINUX_MIB_XFRMFWDHDRERROR);
 		return 0;
 	}
 
-	dst = xfrm_lookup(net, skb_dst(skb), &fl, NULL, XFRM_LOOKUP_QUEUE);
+	/* ignore return value from skb_dst_reset, xfrm_lookup takes
+	 * care of dropping the refcnt if needed.
+	 */
+	skb_dst_reset(skb);
+
+	dst = xfrm_lookup(net, dst, &fl, NULL, XFRM_LOOKUP_QUEUE);
 	if (IS_ERR(dst)) {
 		res = 0;
 		dst = NULL;
-- 
2.50.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ