From: Pablo Neira Ayuso <pablo@netfilter.org>
To: "Reshetova, Elena" <elena.reshetova@intel.com>
Cc: "netfilter-devel@vger.kernel.org"
<netfilter-devel@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"kadlec@blackhole.kfki.hu" <kadlec@blackhole.kfki.hu>,
"peterz@infradead.org" <peterz@infradead.org>,
"keescook@chromium.org" <keescook@chromium.org>
Subject: Re: [PATCH 0/7] net, netfilter refcounter conversions
Date: Fri, 17 Mar 2017 12:50:41 +0100 [thread overview]
Message-ID: <20170317115041.GA4979@salvia> (raw)
In-Reply-To: <2236FBA76BA1254E88B949DDB74E612B41C59A26@IRSMSX102.ger.corp.intel.com>
On Thu, Mar 16, 2017 at 07:52:19AM +0000, Reshetova, Elena wrote:
>
> > On Wed, Mar 15, 2017 at 01:10:38PM +0200, Elena Reshetova wrote:
> > > This series, for the netfilter subsystem, replaces atomic_t reference
> > > counters with the new refcount_t type and API (see include/linux/refcount.h).
> > > By doing this we prevent intentional or accidental
> > > underflows or overflows that can led to use-after-free vulnerabilities.
> > >
> > > Please take the series to your tree if there are no run-time issues.
> >
> > Could you collapse all of your patches into one single? They are all
> > part of the same logical change to me.
> >
> > > 21 files changed, 85 insertions(+), 75 deletions(-)
> >
> > The diffstat is small enough to do what I'm asking.
>
> Sure. The reason why they are separated is that it is easier to
> review them this way IMO and find mistakes (I found many after I
> split all networking patches into one per variable). But I guess
> for merge, it is easier to have them collapsed, so I am going to
> send you a new version shortly.
In my particular case, collapsing them is good so the Netfilter batch
I pass up to David becomes smaller. Thanks!
prev parent reply other threads:[~2017-03-17 11:52 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-03-15 11:10 [PATCH 0/7] net, netfilter refcounter conversions Elena Reshetova
2017-03-15 11:10 ` [PATCH 1/7] net, netfilter: convert ip_vs_conn.refcnt from atomic_t to refcount_t Elena Reshetova
2017-03-18 2:52 ` kbuild test robot
2017-03-15 11:10 ` [PATCH 2/7] net, netfilter: convert ip_vs_dest.refcnt " Elena Reshetova
2017-03-15 11:10 ` [PATCH 3/7] net, netfilter: convert ctnl_timeout.refcnt " Elena Reshetova
2017-03-15 11:10 ` [PATCH 4/7] net, netfilter: convert nf_acct.refcnt " Elena Reshetova
2017-03-15 11:10 ` [PATCH 5/7] net, netfilter: convert nf_conntrack_expect.use " Elena Reshetova
2017-03-15 11:10 ` [PATCH 6/7] net, netfilter: convert nfulnl_instance.use " Elena Reshetova
2017-03-15 11:10 ` [PATCH 7/7] net, netfilter: convert clusterip_config.refcount and clusterip_config.entries " Elena Reshetova
2017-03-15 13:02 ` [PATCH 0/7] net, netfilter refcounter conversions Pablo Neira Ayuso
2017-03-16 7:52 ` Reshetova, Elena
2017-03-17 11:50 ` Pablo Neira Ayuso [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170317115041.GA4979@salvia \
--to=pablo@netfilter.org \
--cc=elena.reshetova@intel.com \
--cc=kadlec@blackhole.kfki.hu \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=peterz@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.