[net-next-2.6,v4,00/14] l2tp: Introduce L2TPv3 support

Message ID	1270367668.1971.3.camel@edumazet-laptop
State	Accepted, archived
Delegated to:	David Miller
Headers	show Return-Path: <netdev-owner@vger.kernel.org> DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=subject:from:to:cc:in-reply-to:references:content-type:date :message-id:mime-version:x-mailer:content-transfer-encoding; b=LmObPIO2g4XoTVBBUAlOcty8O/OiJpM8H0FwHIixvlXFXFaOWePXcoijVi8fbJEScn SGQvKW8Miq/wcdXURYDIqm4EEvMOcT02N0T0sqaRRN37NSTRXufdxL/t5p7YBa3ei/WS 72nOp1fk07cWg7V8bkdjKVX4yGsKhdymlQVUk= Subject: Re: [PATCH net-next-2.6 v4 00/14] l2tp: Introduce L2TPv3 support From: Eric Dumazet <eric.dumazet@gmail.com> To: David Miller <davem@davemloft.net> Cc: jchapman@katalix.com, netdev@vger.kernel.org In-Reply-To: <20100403.142522.01040744.davem@davemloft.net> References: <20100402161822.11367.70454.stgit@bert.katalix.com> <20100403.142522.01040744.davem@davemloft.net> Content-Type: text/plain; charset="UTF-8" Date: Sun, 04 Apr 2010 09:54:28 +0200 Message-ID: <1270367668.1971.3.camel@edumazet-laptop> Mime-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: netdev-owner@vger.kernel.org Precedence: bulk

Message ID

1270367668.1971.3.camel@edumazet-laptop

State

Accepted, archived

Delegated to:

David Miller

Headers

DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=subject:from:to:cc:in-reply-to:references:content-type:date
	:message-id:mime-version:x-mailer:content-transfer-encoding;
	b=LmObPIO2g4XoTVBBUAlOcty8O/OiJpM8H0FwHIixvlXFXFaOWePXcoijVi8fbJEScn
	SGQvKW8Miq/wcdXURYDIqm4EEvMOcT02N0T0sqaRRN37NSTRXufdxL/t5p7YBa3ei/WS
	72nOp1fk07cWg7V8bkdjKVX4yGsKhdymlQVUk=
Subject: Re: [PATCH net-next-2.6 v4 00/14] l2tp: Introduce L2TPv3 support
From: Eric Dumazet <eric.dumazet@gmail.com>
To: David Miller <davem@davemloft.net>
Cc: jchapman@katalix.com, netdev@vger.kernel.org
In-Reply-To: <20100403.142522.01040744.davem@davemloft.net>
References: <20100402161822.11367.70454.stgit@bert.katalix.com>
	<20100403.142522.01040744.davem@davemloft.net>
Content-Type: text/plain; charset="UTF-8"
Date: Sun, 04 Apr 2010 09:54:28 +0200
Message-ID: <1270367668.1971.3.camel@edumazet-laptop>
Mime-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: netdev-owner@vger.kernel.org
Precedence: bulk

Commit Message

Eric Dumazet April 4, 2010, 7:54 a.m. UTC

Le samedi 03 avril 2010 à 14:25 -0700, David Miller a écrit :
> From: James Chapman <jchapman@katalix.com>
> Date: Fri, 02 Apr 2010 17:18:23 +0100
> 
> > This patch series adds L2TPv3 support. It splits the existing pppol2tp
> > driver to separate its L2TP and PPP parts, then adds new L2TPv3
> > functionality. The patches implement a new socket family for L2TPv3 IP
> > encapsulation, expose virtual netdevices for each L2TPv3 ethernet
> > pseudowire and add a netlink interface.
> 
> Ok I'm going to toss this into net-next-2.6, we have time to
> fixup any remaining issues people might discover.
> 

[PATCH net-next-2.6] l2tp: unmanaged L2TPv3 tunnels fixes

Followup to commit 789a4a2c 
(l2tp: Add support for static unmanaged L2TPv3 tunnels)

One missing init in l2tp_tunnel_sock_create() could access random kernel
memory, and a bit field should be unsigned.

Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
---
 net/l2tp/l2tp_core.c |    2 +-
 net/l2tp/l2tp_core.h |    2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)



--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Comments

David Miller April 4, 2010, 8:02 a.m. UTC | #1

From: Eric Dumazet <eric.dumazet@gmail.com>
Date: Sun, 04 Apr 2010 09:54:28 +0200

> [PATCH net-next-2.6] l2tp: unmanaged L2TPv3 tunnels fixes
> 
> Followup to commit 789a4a2c 
> (l2tp: Add support for static unmanaged L2TPv3 tunnels)
> 
> One missing init in l2tp_tunnel_sock_create() could access random kernel
> memory, and a bit field should be unsigned.
> 
> Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>

Applied, thanks Eric.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Eric Dumazet April 4, 2010, 8:14 a.m. UTC | #2

Le dimanche 04 avril 2010 à 01:02 -0700, David Miller a écrit :
> From: Eric Dumazet <eric.dumazet@gmail.com>
> Date: Sun, 04 Apr 2010 09:54:28 +0200
> 
> > [PATCH net-next-2.6] l2tp: unmanaged L2TPv3 tunnels fixes
> > 
> > Followup to commit 789a4a2c 
> > (l2tp: Add support for static unmanaged L2TPv3 tunnels)
> > 
> > One missing init in l2tp_tunnel_sock_create() could access random kernel
> > memory, and a bit field should be unsigned.
> > 
> > Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
> 
> Applied, thanks Eric.

I am going to work on net/l2tp/l2tp_core.c, since RCU conversion is
wrong (but original code was wong too...)

Example :

There is no real protection in following code, since no refcount is
taken on session before releasing rcu_read_lock :

static struct l2tp_session *l2tp_session_find_2(struct net *net, u32 session_id)
{
        struct l2tp_net *pn = l2tp_pernet(net);
        struct hlist_head *session_list =
                l2tp_session_id_hash_2(pn, session_id);
        struct l2tp_session *session;
        struct hlist_node *walk;

        rcu_read_lock_bh();
        hlist_for_each_entry_rcu(session, walk, session_list, global_hlist) {
                if (session->session_id == session_id) {
                        rcu_read_unlock_bh();
                        return session;
                }
        }
        rcu_read_unlock_bh();

        return NULL;
}


--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

diff --git a/net/l2tp/l2tp_core.c b/net/l2tp/l2tp_core.c
index 13ed85b..98dfcce 100644
--- a/net/l2tp/l2tp_core.c
+++ b/net/l2tp/l2tp_core.c
@@ -1227,7 +1227,7 @@  static int l2tp_tunnel_sock_create(u32 tunnel_id, u32 peer_tunnel_id, struct l2t
 	int err = -EINVAL;
 	struct sockaddr_in udp_addr;
 	struct sockaddr_l2tpip ip_addr;
-	struct socket *sock;
+	struct socket *sock = NULL;
 
 	switch (cfg->encap) {
 	case L2TP_ENCAPTYPE_UDP:
diff --git a/net/l2tp/l2tp_core.h b/net/l2tp/l2tp_core.h
index 91b1b9c..f0f318e 100644
--- a/net/l2tp/l2tp_core.h
+++ b/net/l2tp/l2tp_core.h
@@ -152,7 +152,7 @@  struct l2tp_tunnel_cfg {
 	struct in_addr		peer_ip;
 	u16			local_udp_port;
 	u16			peer_udp_port;
-	int			use_udp_checksums:1;
+	unsigned int		use_udp_checksums:1;
 };
 
 struct l2tp_tunnel {

[net-next-2.6,v4,00/14] l2tp: Introduce L2TPv3 support

Commit Message

Comments

Patch