| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aPdJO3k9C-bhqHSQ@secunet.com>
Date: Tue, 21 Oct 2025 10:50:03 +0200
From: Steffen Klassert <steffen.klassert@...unet.com>
To: Sabrina Dubroca <sd@...asysnail.net>
CC: <netdev@...r.kernel.org>, <oe-kbuild-all@...ts.linux.dev>, kernel test
robot <lkp@...el.com>, Alexey Dobriyan <adobriyan@...il.com>
Subject: Re: [PATCH ipsec 6/6] xfrm: check all hash buckets for leftover
states during netns deletion
Hi Sabrina,
On Mon, Oct 20, 2025 at 01:00:42AM +0200, Sabrina Dubroca wrote:
> Hi Steffen,
>
> 2025-10-17, 23:10:36 +0800, kernel test robot wrote:
> > Hi Sabrina,
> >
> > kernel test robot noticed the following build warnings:
> >
> > [auto build test WARNING on klassert-ipsec-next/master]
> > [also build test WARNING on klassert-ipsec/master net/main net-next/main linus/master v6.18-rc1 next-20251016]
> > [If your patch is applied to the wrong git tree, kindly drop us a note.
> > And when submitting patch, we suggest to use '--base' as documented in
> > https://git-scm.com/docs/git-format-patch#_base_tree_information]
> >
> > url: https://github.com/intel-lab-lkp/linux/commits/Sabrina-Dubroca/xfrm-drop-SA-reference-in-xfrm_state_update-if-dir-doesn-t-match/20251016-184507
> > base: https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git master
> > patch link: https://lore.kernel.org/r/2a743a05bbad7ebdc36c2c86a5fcbb9e99071c7b.1760610268.git.sd%40queasysnail.net
> > patch subject: [PATCH ipsec 6/6] xfrm: check all hash buckets for leftover states during netns deletion
> > config: x86_64-randconfig-r123-20251017 (https://download.01.org/0day-ci/archive/20251017/202510172159.iLR9bfcc-lkp@intel.com/config)
> > compiler: clang version 20.1.8 (https://github.com/llvm/llvm-project 87f0227cb60147a26a1eeb4fb06e3b505e9c7261)
> > reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20251017/202510172159.iLR9bfcc-lkp@intel.com/reproduce)
> >
> > If you fix the issue in a separate patch/commit (i.e. not just a new version of
> > the same patch/commit), kindly add following tags
> > | Reported-by: kernel test robot <lkp@...el.com>
> > | Closes: https://lore.kernel.org/oe-kbuild-all/202510172159.iLR9bfcc-lkp@intel.com/
> >
> > sparse warnings: (new ones prefixed by >>)
> [...]
> > 3308 void xfrm_state_fini(struct net *net)
> > 3309 {
> > 3310 unsigned int sz;
> > 3311 int i;
> > 3312
> > 3313 flush_work(&net->xfrm.state_hash_work);
> > 3314 xfrm_state_flush(net, 0, false);
> > 3315 flush_work(&xfrm_state_gc_work);
> > 3316
> > 3317 WARN_ON(!list_empty(&net->xfrm.state_all));
> > 3318
> > 3319 for (i = 0; i <= net->xfrm.state_hmask; i++) {
> > > 3320 WARN_ON(!hlist_empty(net->xfrm.state_byseq + i));
>
> So, before my patch there was a sparse waraning on the
>
> WARN_ON(!hlist_empty(net->xfrm.state_by*));
>
> lines, and now there's a sparse warning on the loop.
> (and plenty on other lines in net/xfrm/xfrm_state.c)
>
> This bot message gave me the push to finally take a look at all the
> sparse warnings in net/xfrm/xfrm_state.c, I have solutions for a big
> chunk of them (and a few in other files).
>
> If you want to drop this patch from the set, I'll re-send it later, on
> top of the sparse stuff. The rest of the series works without it. If
> you want to take it as is, it doesn't change the sparse situation in
> this file (a few warnings moved around) and I'll do the sparse
> cleanups on top of it.
I'll take the patchset as is and wait for your sparse fixes on top.
Thanks!
Powered by blists - more mailing lists