Re: [PATCH net] net/flow: fix fc->percpu NULL pointer dereference

2017-06-09 Thread Hangbin Liu
2017-06-09 20:29 GMT+08:00 Hangbin Liu : > On Fri, Jun 09, 2017 at 05:49:50PM +0800, Xin Long wrote: >> another fix is to move xfrm_garbage_collect out of xfrm_policy_flush. >> I could only see two places need to call it. >> something like: >> >> --- a/net/key/af_key.c >> +++ b/net/key/af_key.c >>

Re: [PATCH net] net/flow: fix fc->percpu NULL pointer dereference

2017-06-09 Thread Hangbin Liu
On Fri, Jun 09, 2017 at 05:49:50PM +0800, Xin Long wrote: > another fix is to move xfrm_garbage_collect out of xfrm_policy_flush. > I could only see two places need to call it. > something like: > > --- a/net/key/af_key.c > +++ b/net/key/af_key.c > @@ -2755,6 +2755,8 @@ static int pfkey_spdflush(s

Re: [PATCH net] net/flow: fix fc->percpu NULL pointer dereference

2017-06-09 Thread Xin Long
On Fri, Jun 9, 2017 at 5:06 PM, Hangbin Liu wrote: > 2017-06-09 16:43 GMT+08:00 Xin Long : >> On Fri, Jun 9, 2017 at 4:32 PM, Steffen Klassert >> wrote: >>> On Fri, Jun 09, 2017 at 04:23:01PM +0800, Hangbin Liu wrote: Hi Steffen, BTW, If we put the check in xfrm_policy_flush(), we

Re: [PATCH net] net/flow: fix fc->percpu NULL pointer dereference

2017-06-09 Thread Hangbin Liu
2017-06-09 16:43 GMT+08:00 Xin Long : > On Fri, Jun 9, 2017 at 4:32 PM, Steffen Klassert > wrote: >> On Fri, Jun 09, 2017 at 04:23:01PM +0800, Hangbin Liu wrote: >>> Hi Steffen, >>> >>> BTW, If we put the check in xfrm_policy_flush(), we can prevent it earlier. >>> But If we put the check in flow_

Re: [PATCH net] net/flow: fix fc->percpu NULL pointer dereference

2017-06-09 Thread Xin Long
On Fri, Jun 9, 2017 at 4:32 PM, Steffen Klassert wrote: > On Fri, Jun 09, 2017 at 04:23:01PM +0800, Hangbin Liu wrote: >> Hi Steffen, >> >> BTW, If we put the check in xfrm_policy_flush(), we can prevent it earlier. >> But If we put the check in flow_cache_percpu_empty(), we can prevent >> other f

Re: [PATCH net] net/flow: fix fc->percpu NULL pointer dereference

2017-06-09 Thread Steffen Klassert
On Fri, Jun 09, 2017 at 04:23:01PM +0800, Hangbin Liu wrote: > Hi Steffen, > > BTW, If we put the check in xfrm_policy_flush(), we can prevent it earlier. > But If we put the check in flow_cache_percpu_empty(), we can prevent > other functions set fc->percpu to NULL, although not much possible : )

Re: [PATCH net] net/flow: fix fc->percpu NULL pointer dereference

2017-06-09 Thread Hangbin Liu
Hi Steffen, BTW, If we put the check in xfrm_policy_flush(), we can prevent it earlier. But If we put the check in flow_cache_percpu_empty(), we can prevent other functions set fc->percpu to NULL, although not much possible : ) So I'm not quite sure whether we should put the check in flow_cache_p

[PATCH net] net/flow: fix fc->percpu NULL pointer dereference

2017-06-09 Thread Hangbin Liu
Now we will force to do garbage collection if any policy removed in xfrm_policy_flush(). But during xfrm_net_exit(). We call flow_cache_fini() first and set set fc->percpu to NULL. Then after we call xfrm_policy_fini() -> frxm_policy_flush() -> flow_cache_flush(), we will get NULL pointer dereferen