Re: [PATCH] tcp: md5: Fix overlap between vrf and non-vrf keys

From: David Ahern
Date: Wed Oct 06 2021 - 21:14:45 EST

Next message: Laurent Pinchart: "Re: [PATCH v2 01/34] component: Introduce struct aggregate_device"
Previous message: Steven Rostedt: "Re: linux-next: Tree for Oct 5 (warnings: a. trace; b. mm/migrate)"
In reply to: Leonard Crestez: "[PATCH] tcp: md5: Fix overlap between vrf and non-vrf keys"
Next in thread: Leonard Crestez: "Re: [PATCH] tcp: md5: Fix overlap between vrf and non-vrf keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 10/6/21 11:48 AM, Leonard Crestez wrote:
> @@ -1103,11 +1116,11 @@ static struct tcp_md5sig_key *tcp_md5_do_lookup_exact(const struct sock *sk,
> #endif
> hlist_for_each_entry_rcu(key, &md5sig->head, node,
> lockdep_sock_is_held(sk)) {
> if (key->family != family)
> continue;
> - if (key->l3index && key->l3index != l3index)
> + if (key->l3index != l3index)

That seems like the bug fix there. The L3 reference needs to match for
new key and existing key. I think the same change is needed in
__tcp_md5_do_lookup.

> continue;
> if (!memcmp(&key->addr, addr, size) &&
> key->prefixlen == prefixlen)
> return key;
> }
>
> base-commit: 9cbfc51af026f5b721a1b36cf622ada591b3c5de
>

Next message: Laurent Pinchart: "Re: [PATCH v2 01/34] component: Introduce struct aggregate_device"
Previous message: Steven Rostedt: "Re: linux-next: Tree for Oct 5 (warnings: a. trace; b. mm/migrate)"
In reply to: Leonard Crestez: "[PATCH] tcp: md5: Fix overlap between vrf and non-vrf keys"
Next in thread: Leonard Crestez: "Re: [PATCH] tcp: md5: Fix overlap between vrf and non-vrf keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]