[PATCH] ipv6/addrlabel: fix ip6addrlbl

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH] ipv6/addrlabel: fix ip6addrlbl_get()
@ 2015-12-21  9:54 Andrey Ryabinin
  2015-12-21 19:37 ` Cong Wang
  2015-12-22 20:58 ` David Miller
  0 siblings, 2 replies; 4+ messages in thread
From: Andrey Ryabinin @ 2015-12-21  9:54 UTC (permalink / raw)
  To: David S. Miller, Alexey Kuznetsov, James Morris,
	Hideaki YOSHIFUJI, Patrick McHardy
  Cc: netdev, linux-kernel, Andrey Ryabinin

ip6addrlbl_get() has never worked. If ip6addrlbl_hold() succeeded,
ip6addrlbl_get() will exit with '-ESRCH'. If ip6addrlbl_hold() failed,
ip6addrlbl_get() will use about to be free ip6addrlbl_entry pointer.

Fix this by inverting ip6addrlbl_hold() check.

Fixes: 2a8cc6c89039 ("[IPV6] ADDRCONF: Support RFC3484 configurable address selection policy table.")
Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
---
 net/ipv6/addrlabel.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/ipv6/addrlabel.c b/net/ipv6/addrlabel.c
index 882124e..a8f6986 100644
--- a/net/ipv6/addrlabel.c
+++ b/net/ipv6/addrlabel.c
@@ -552,7 +552,7 @@ static int ip6addrlbl_get(struct sk_buff *in_skb, struct nlmsghdr *nlh)
 
 	rcu_read_lock();
 	p = __ipv6_addr_label(net, addr, ipv6_addr_type(addr), ifal->ifal_index);
-	if (p && ip6addrlbl_hold(p))
+	if (p && !ip6addrlbl_hold(p))
 		p = NULL;
 	lseq = ip6addrlbl_table.seq;
 	rcu_read_unlock();
-- 
2.4.10


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH] ipv6/addrlabel: fix ip6addrlbl_get()
  2015-12-21  9:54 [PATCH] ipv6/addrlabel: fix ip6addrlbl_get() Andrey Ryabinin
@ 2015-12-21 19:37 ` Cong Wang
  2015-12-22  8:04   ` YOSHIFUJI Hideaki
  2015-12-22 20:58 ` David Miller
  1 sibling, 1 reply; 4+ messages in thread
From: Cong Wang @ 2015-12-21 19:37 UTC (permalink / raw)
  To: Andrey Ryabinin
  Cc: David S. Miller, Alexey Kuznetsov, James Morris,
	Hideaki YOSHIFUJI, Patrick McHardy, netdev,
	linux-kernel@vger.kernel.org

On Mon, Dec 21, 2015 at 1:54 AM, Andrey Ryabinin
<aryabinin@virtuozzo.com> wrote:
> ip6addrlbl_get() has never worked. If ip6addrlbl_hold() succeeded,
> ip6addrlbl_get() will exit with '-ESRCH'. If ip6addrlbl_hold() failed,
> ip6addrlbl_get() will use about to be free ip6addrlbl_entry pointer.
>
> Fix this by inverting ip6addrlbl_hold() check.
>
> Fixes: 2a8cc6c89039 ("[IPV6] ADDRCONF: Support RFC3484 configurable address selection policy table.")
> Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>

Good catch!

Reviewed-by: Cong Wang <cwang@twopensource.com>

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] ipv6/addrlabel: fix ip6addrlbl_get()
  2015-12-21 19:37 ` Cong Wang
@ 2015-12-22  8:04   ` YOSHIFUJI Hideaki
  0 siblings, 0 replies; 4+ messages in thread
From: YOSHIFUJI Hideaki @ 2015-12-22  8:04 UTC (permalink / raw)
  To: Andrey Ryabinin, David S. Miller
  Cc: Cong Wang, hideaki.yoshifuji, Alexey Kuznetsov, James Morris,
	Hideaki YOSHIFUJI, Patrick McHardy, netdev,
	linux-kernel@vger.kernel.org

Cong Wang wrote:
> On Mon, Dec 21, 2015 at 1:54 AM, Andrey Ryabinin
> <aryabinin@virtuozzo.com> wrote:
>> ip6addrlbl_get() has never worked. If ip6addrlbl_hold() succeeded,
>> ip6addrlbl_get() will exit with '-ESRCH'. If ip6addrlbl_hold() failed,
>> ip6addrlbl_get() will use about to be free ip6addrlbl_entry pointer.
>>
>> Fix this by inverting ip6addrlbl_hold() check.
>>
>> Fixes: 2a8cc6c89039 ("[IPV6] ADDRCONF: Support RFC3484 configurable address selection policy table.")
>> Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
> 
> Good catch!
> 
> Reviewed-by: Cong Wang <cwang@twopensource.com>
Acked-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>

-- 
Hideaki Yoshifuji <hideaki.yoshifuji@miraclelinux.com>
Technical Division, MIRACLE LINUX CORPORATION

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] ipv6/addrlabel: fix ip6addrlbl_get()
  2015-12-21  9:54 [PATCH] ipv6/addrlabel: fix ip6addrlbl_get() Andrey Ryabinin
  2015-12-21 19:37 ` Cong Wang
@ 2015-12-22 20:58 ` David Miller
  1 sibling, 0 replies; 4+ messages in thread
From: David Miller @ 2015-12-22 20:58 UTC (permalink / raw)
  To: aryabinin; +Cc: kuznet, jmorris, yoshfuji, kaber, netdev, linux-kernel

From: Andrey Ryabinin <aryabinin@virtuozzo.com>
Date: Mon, 21 Dec 2015 12:54:45 +0300

> ip6addrlbl_get() has never worked. If ip6addrlbl_hold() succeeded,
> ip6addrlbl_get() will exit with '-ESRCH'. If ip6addrlbl_hold() failed,
> ip6addrlbl_get() will use about to be free ip6addrlbl_entry pointer.
> 
> Fix this by inverting ip6addrlbl_hold() check.
> 
> Fixes: 2a8cc6c89039 ("[IPV6] ADDRCONF: Support RFC3484 configurable address selection policy table.")
> Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>

Applied and queued up for -stable, thanks.

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2015-12-22 20:58 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-12-21  9:54 [PATCH] ipv6/addrlabel: fix ip6addrlbl_get() Andrey Ryabinin
2015-12-21 19:37 ` Cong Wang
2015-12-22  8:04   ` YOSHIFUJI Hideaki
2015-12-22 20:58 ` David Miller

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox