* [PATCH net 0/6] gtp: fix several bugs
@ 2019-07-02 15:20 Taehee Yoo
2019-07-03 1:08 ` Harald Welte
2019-07-08 1:55 ` David Miller
0 siblings, 2 replies; 4+ messages in thread
From: Taehee Yoo @ 2019-07-02 15:20 UTC (permalink / raw)
To: davem, pablo, laforge, osmocom-net-gprs, netdev; +Cc: ap420073
This patch series fixes several bugs in the gtp module.
First patch fixes suspicious RCU usage.
The problem is to use rcu_dereference_sk_user_data() outside of
RCU read critical section.
Second patch fixes use-after-free.
gtp_encap_destroy() is called twice.
gtp_encap_destroy() use both gtp->sk0 and gtp->sk1u.
these pointers can be freed in gtp_encap_destroy().
So, gtp_encap_destroy() should avoid using freed sk pointer.
Third patch removes duplicate code in gtp_dellink().
gtp_dellink() calls gtp_encap_disable() twice.
So, remove one of them.
Fourth patch fixes usage of GFP_KERNEL.
GFP_KERNEL can not be used in RCU read critical section.
This patch make ipv4_pdp_add() to use GFP_ATOMIC instead of GFP_KERNEL.
Fifth patch fixes use-after-free in gtp_newlink().
gtp_newlink() uses gtp_net which would be destroyed by the __exit_net
routine.
So, gtp_newlink should not be called after the __exit_net routine.
Sixth patch adds missing error handling routine in gtp_encap_enable().
gtp_encap_enable() will fail, if invalid role value is sent from
user-space. if so, gtp_encap_enable() should execute error handling
routine.
Taehee Yoo (6):
gtp: fix suspicious RCU usage
gtp: fix use-after-free in gtp_encap_destroy()
gtp: remove duplicate code in gtp_dellink()
gtp: fix Illegal context switch in RCU read-side critical section.
gtp: fix use-after-free in gtp_newlink()
gtp: add missing gtp_encap_disable_sock() in gtp_encap_enable()
drivers/net/gtp.c | 37 +++++++++++++++++++++++++++++--------
1 file changed, 29 insertions(+), 8 deletions(-)
--
2.17.1
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH net 0/6] gtp: fix several bugs
2019-07-02 15:20 [PATCH net 0/6] gtp: fix several bugs Taehee Yoo
@ 2019-07-03 1:08 ` Harald Welte
2019-07-03 1:31 ` Taehee Yoo
2019-07-08 1:55 ` David Miller
1 sibling, 1 reply; 4+ messages in thread
From: Harald Welte @ 2019-07-03 1:08 UTC (permalink / raw)
To: Taehee Yoo; +Cc: davem, pablo, Pau Espin, osmocom-net-gprs, netdev
Hi Taehee,
On Wed, Jul 03, 2019 at 12:20:34AM +0900, Taehee Yoo wrote:
> This patch series fixes several bugs in the gtp module.
thanks a lot for your patches, they are much appreciated.
They look valid to me after a brief initial review.
However, I'm currently on holidays and don't have the ability to test
any patches until my return on July 17. Maybe Pablo and/or Pau can have
a look meanwhile? Thanks in advance.
Regards,
Harald
--
- Harald Welte <laforge@gnumonks.org> http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [PATCH net 0/6] gtp: fix several bugs
2019-07-03 1:08 ` Harald Welte
@ 2019-07-03 1:31 ` Taehee Yoo
0 siblings, 0 replies; 4+ messages in thread
From: Taehee Yoo @ 2019-07-03 1:31 UTC (permalink / raw)
To: Harald Welte
Cc: David Miller, Pablo Neira Ayuso, Pau Espin, osmocom-net-gprs, Netdev
Hi Harald,
On Wed, 3 Jul 2019 at 09:10, Harald Welte <laforge@gnumonks.org> wrote:
>
> Hi Taehee,
>
> On Wed, Jul 03, 2019 at 12:20:34AM +0900, Taehee Yoo wrote:
> > This patch series fixes several bugs in the gtp module.
>
> thanks a lot for your patches, they are much appreciated.
>
> They look valid to me after a brief initial review.
>
> However, I'm currently on holidays and don't have the ability to test
> any patches until my return on July 17. Maybe Pablo and/or Pau can have
> a look meanwhile? Thanks in advance.
>
Thank you for letting me know.
Thanks a lot!
> Regards,
> Harald
> --
> - Harald Welte <laforge@gnumonks.org> http://laforge.gnumonks.org/
> ============================================================================
> "Privacy in residential applications is a desirable marketing option."
> (ETSI EN 300 175-7 Ch. A6)
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH net 0/6] gtp: fix several bugs
2019-07-02 15:20 [PATCH net 0/6] gtp: fix several bugs Taehee Yoo
2019-07-03 1:08 ` Harald Welte
@ 2019-07-08 1:55 ` David Miller
1 sibling, 0 replies; 4+ messages in thread
From: David Miller @ 2019-07-08 1:55 UTC (permalink / raw)
To: ap420073; +Cc: pablo, laforge, osmocom-net-gprs, netdev
From: Taehee Yoo <ap420073@gmail.com>
Date: Wed, 3 Jul 2019 00:20:34 +0900
> This patch series fixes several bugs in the gtp module.
I reviewed these carefully by hand and decided to apply these now.
Thanks Taehee.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2019-07-08 1:55 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-07-02 15:20 [PATCH net 0/6] gtp: fix several bugs Taehee Yoo
2019-07-03 1:08 ` Harald Welte
2019-07-03 1:31 ` Taehee Yoo
2019-07-08 1:55 ` David Miller
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).