Jiri Benc 8a226b2cfa ipv6: prevent race between address creation and removal ... There's a race in IPv6 automatic addess assignment. The address is created with zero lifetime when it's added to various address lists. Before it gets assigned the correct lifetime, there's a window where a new address may be configured. This causes the semi-initiated address to be deleted in addrconf_verify. This was discovered as a reference leak caused by concurrent run of __ipv6_ifa_notify for both RTM_NEWADDR and RTM_DELADDR with the same address. Fix this by setting the lifetime before the address is added to inet6_addr_lst. A few notes: 1. In addrconf_prefix_rcv, by setting update_lft to zero, the if (update_lft) { ... } condition is no longer executed for newly created addresses. This is okay, as the ifp fields are set in ipv6_add_addr now and ipv6_ifa_notify is called (and has been called) through addrconf_dad_start. 2. The removal of the whole block under ifp->lock in inet6_addr_add is okay, too, as tstamp is initialized to jiffies in ipv6_add_addr. Signed-off-by: Jiri Benc <jbenc@redhat.com> Signed-off-by: Jiri Pirko <jiri@resnulli.us> Signed-off-by: David S. Miller <davem@davemloft.net>		2013-08-01 14:16:20 -07:00
..
9p	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2013-07-13 17:42:22 -07:00
802	net/802/mrp: fix lockdep splat	2013-05-14 13:02:30 -07:00
8021q	vlan: fix a race in egress prio management	2013-07-18 13:07:13 -07:00
appletalk	net: pass info struct via netdevice notifier	2013-05-28 13:11:01 -07:00
atm	net: always pass struct netdev_notifier_info to netdevice notifiers	2013-05-28 21:58:54 -07:00
ax25	net: Convert uses of typedef ctl_table to struct ctl_table	2013-06-13 02:36:09 -07:00
batman-adv	net: Unmap fragment page once iterator is done	2013-06-24 01:46:01 -07:00
bluetooth	Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth	2013-07-31 15:11:50 -04:00
bridge	bridge: disable snooping if there is no querier	2013-07-31 17:40:21 -07:00
caif	net: pass info struct via netdevice notifier	2013-05-28 13:11:01 -07:00
can	net: pass info struct via netdevice notifier	2013-05-28 13:11:01 -07:00
ceph	libceph: call r_unsafe_callback when unsafe reply is received	2013-07-03 15:32:58 -07:00
core	neigh: prevent overflowing params in /proc/sys/net/ipv4/neigh/	2013-07-26 14:22:10 -07:00
dcb	rtnetlink: Remove passing of attributes into rtnl_doit functions	2013-03-22 10:31:16 -04:00
dccp	tcp: Remove TCPCT	2013-03-17 14:35:13 -04:00
decnet	net: Convert uses of typedef ctl_table to struct ctl_table	2013-06-13 02:36:09 -07:00
dns_resolver	net: strict_strtoul is obsolete, use kstrtoul instead	2013-07-12 16:09:14 -07:00
dsa	dsa: fix freeing of sparse port allocation	2013-03-25 12:23:41 -04:00
ethernet	net: Fix sysfs_format_mac() code duplication.	2013-07-16 17:09:22 -07:00
ieee802154	net: pass info struct via netdevice notifier	2013-05-28 13:11:01 -07:00
ipv4	fib_trie: potential out of bounds access in trie_show_stats()	2013-07-24 16:05:14 -07:00
ipv6	ipv6: prevent race between address creation and removal	2013-08-01 14:16:20 -07:00
ipx	net: pass info struct via netdevice notifier	2013-05-28 13:11:01 -07:00
irda	net/irda: fixed style issues in irlan_eth	2013-07-16 12:16:03 -07:00
iucv	net: delete __cpuinit usage from all net files	2013-07-14 19:36:58 -04:00
key	af_key: more info leaks in pfkey messages	2013-07-30 16:26:16 -07:00
l2tp	l2tp: make datapath resilient to packet loss when sequence numbers enabled	2013-07-02 16:33:25 -07:00
lapb
llc	llc: Fix missing msg_namelen update in llc_ui_recvmsg()	2013-04-07 16:28:01 -04:00
mac80211	mac80211: fix monitor interface suspend crash regression	2013-07-23 14:02:08 +02:00
mac802154	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2013-04-30 03:55:20 -04:00
mpls	MPLS: Add limited GSO support	2013-05-27 22:50:59 -07:00
netfilter	netfilter: xt_socket: fix broken v0 support	2013-07-15 11:15:21 +02:00
netlabel	net: pass info struct via netdevice notifier	2013-05-28 13:11:01 -07:00
netlink	genetlink: fix usage of NLM_F_EXCL or NLM_F_REPLACE	2013-07-30 16:43:19 -07:00
netrom	net: Convert uses of typedef ctl_table to struct ctl_table	2013-06-13 02:36:09 -07:00
nfc	NFC: netlink: Rename CMD_FW_UPLOAD to CMD_FW_DOWNLOAD	2013-07-31 01:19:43 +02:00
openvswitch	openvswitch: Add Kconfig dependency on GRE-DEMUX.	2013-07-01 13:19:43 -07:00
packet	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2013-06-19 16:49:39 -07:00
phonet	net: Convert uses of typedef ctl_table to struct ctl_table	2013-06-13 02:36:09 -07:00
rds	net: Convert uses of typedef ctl_table to struct ctl_table	2013-06-13 02:36:09 -07:00
rfkill	Merge branch 'for-john' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next	2013-04-22 14:58:14 -04:00
rose	net: Convert uses of typedef ctl_table to struct ctl_table	2013-06-13 02:36:09 -07:00
rxrpc
sched	net_sched: info leak in atm_tc_dump_class()	2013-07-31 15:04:19 -07:00
sctp	net: sctp: confirm route during forward progress	2013-07-09 12:49:56 -07:00
sunrpc	NFS client bugfixes for 3.11	2013-07-20 10:48:24 -07:00
tipc	net/tipc: use %*phC to dump small buffers in hex form	2013-07-11 17:03:36 -07:00
unix	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next	2013-07-09 18:24:39 -07:00
vmw_vsock	VSOCK: Fix VSOCK_HASH and VSOCK_CONN_HASH	2013-06-23 23:51:48 -07:00
wimax
wireless	regulatory: use correct regulatory initiator on wiphy register	2013-07-25 09:52:46 +02:00
x25	x25: Fix broken locking in ioctl error paths.	2013-07-01 18:15:25 -07:00
xfrm	Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next	2013-06-26 13:23:13 -07:00
compat.c	net: Unbreak compat_sys_{send,recv}msg	2013-06-06 11:52:14 -07:00
Kconfig	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next	2013-07-09 18:24:39 -07:00
Makefile	MPLS: Add limited GSO support	2013-05-27 22:50:59 -07:00
nonet.c
socket.c	net: rename busy poll socket op and globals	2013-07-10 17:08:27 -07:00
sysctl_net.c