lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <aSjHx34ENi4THN56@strlen.de>
Date: Thu, 27 Nov 2025 22:51:03 +0100
From: Florian Westphal <fw@...len.de>
To: Fernando Fernandez Mancera <fmancera@...e.de>
Cc: Paolo Abeni <pabeni@...hat.com>,
	Pablo Neira Ayuso <pablo@...filter.org>,
	netfilter-devel@...r.kernel.org, davem@...emloft.net,
	netdev@...r.kernel.org, kuba@...nel.org, edumazet@...gle.com,
	horms@...nel.org
Subject: Re: [PATCH net-next,v2 00/16] Netfilter updates for net-next

Fernando Fernandez Mancera <fmancera@...e.de> wrote:
> Patch 12 - I think that should be fine, nf_conncount_tree_skb() which 
> calls count_tree() should called with RCU read lock. This patch didn't 
> modify that behavior.

It would be better to add a READ_ONCE() however, since there can be
a concurrent update.

Not caused by your patch, so future fixup is fine.

> Patch 13 - as we are holding the commit mutex I thought that it wasn't 
> needed. Anyway, if that is needed, there are other places where we have 
> similar issues that would require a fix too. I can follow up on nf tree.

It would be better to add WRITE_ONCE() for both, given we could also be
interrupted on same cpu here.

Yes, the various .update callbacks have similar problematic patterns,
they all should be fixed up if possible.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ