Re: [PATCH 1/1] ipv4: Fixed MD5 key lookups when adding/ removingMD5 to/ from TCP sockets.
From: Eric Dumazet
Date: Fri Jun 14 2013 - 03:21:42 EST
On Fri, 2013-06-14 at 18:56 +1200, Aydin Arik wrote:
> MD5 key lookups on a given TCP socket were being performed
> incorrectly. This fix alters parameter inputs to the MD5
> lookup function tcp_md5_do_lookup, which is called by functions
> tcp_md5_do_add and tcp_md5_do_del. Specifically, the change now
> inputs the correct address and address family required to make
> a proper lookup.
>
> Signed-off-by: Aydin Arik <aydin.arik@xxxxxxxxxxxxxxxxxxx>
> ---
> net/ipv4/tcp_ipv4.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
> index d09203c..04dfdc9 100644
> --- a/net/ipv4/tcp_ipv4.c
> +++ b/net/ipv4/tcp_ipv4.c
> @@ -1005,7 +1005,7 @@ int tcp_md5_do_add(struct sock *sk, const union tcp_md5_addr *addr,
> struct tcp_sock *tp = tcp_sk(sk);
> struct tcp_md5sig_info *md5sig;
>
> - key = tcp_md5_do_lookup(sk, (union tcp_md5_addr *)&addr, AF_INET);
> + key = tcp_md5_do_lookup(sk, (union tcp_md5_addr *)addr, family);
> if (key) {
> /* Pre-existing entry - just update that one. */
> memcpy(key->key, newkey, newkeylen);
> @@ -1050,7 +1050,7 @@ int tcp_md5_do_del(struct sock *sk, const union tcp_md5_addr *addr, int family)
> struct tcp_md5sig_key *key;
> struct tcp_md5sig_info *md5sig;
>
> - key = tcp_md5_do_lookup(sk, (union tcp_md5_addr *)&addr, AF_INET);
> + key = tcp_md5_do_lookup(sk, (union tcp_md5_addr *)addr, family);
> if (!key)
> return -ENOENT;
> hlist_del_rcu(&key->node);
Good catch !
Could you remove the casts "(union tcp_md5_addr *)" as well ?
And please add in the changelog the bug origin to ease stable
submissions :
commit a915da9b69273815527ccb3789421cb7027b545b
("tcp: md5: rcu conversion")
Thanks !
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/