leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1548bc4e05
linux/net/xfrm
History
Florian Westphal 1548bc4e05 xfrm: policy: delete inexact policies from inexact list on hash rebuild 
An xfrm hash rebuild has to reset the inexact policy list before the
policies get re-inserted: A change of hash thresholds will result in
policies to get moved from inexact tree to the policy hash table.

If the thresholds are increased again later, they get moved from hash
table to inexact tree.

We must unlink all policies from the inexact tree before re-insertion.

Otherwise 'migrate' may find policies that are in main hash table a
second time, when it searches the inexact lists.

Furthermore, re-insertion without deletion can cause elements ->next to
point back to itself, causing soft lockups or double-frees.

Reported-by: syzbot+9d971dd21eb26567036b@syzkaller.appspotmail.com
Fixes: 9cf545ebd5 ("xfrm: policy: store inexact policies in a tree ordered by destination address")
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
2019-01-09 13:58:23 +01:00
..
Kconfig xfrm: prefer secpath_set over secpath_dup 2018-12-19 11:21:38 -08:00
Makefile xfrm: Add virtual xfrm interfaces 2018-06-23 16:07:25 +02:00
xfrm_algo.c
xfrm_device.c net: use skb_sec_path helper in more places 2018-12-19 11:21:37 -08:00
xfrm_hash.c mm: remove include/linux/bootmem.h 2018-10-31 08:54:16 -07:00
xfrm_hash.h xfrm: use complete IPv6 addresses for hash 2018-10-15 10:09:18 +02:00
xfrm_input.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-12-20 11:53:36 -08:00
xfrm_interface.c xfrm: use secpath_exist where applicable 2018-12-19 11:21:37 -08:00
xfrm_ipcomp.c net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms() 2018-03-13 07:46:37 +01:00
xfrm_output.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-12-20 11:53:36 -08:00
xfrm_policy.c xfrm: policy: delete inexact policies from inexact list on hash rebuild 2019-01-09 13:58:23 +01:00
xfrm_proc.c proc: introduce proc_create_net_single 2018-05-16 07:24:30 +02:00
xfrm_replay.c xfrm: Fix ESN sequence number handling for IPsec GSO packets. 2018-03-01 08:14:50 +01:00
xfrm_state.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec 2018-12-18 11:43:26 -08:00
xfrm_sysctl.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xfrm_user.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec 2018-12-18 11:43:26 -08:00