Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2B8E5C433EF for ; Fri, 17 Dec 2021 11:22:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235311AbhLQLV6 (ORCPT ); Fri, 17 Dec 2021 06:21:58 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55018 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233443AbhLQLV5 (ORCPT ); Fri, 17 Dec 2021 06:21:57 -0500 Received: from mail-wm1-x329.google.com (mail-wm1-x329.google.com [IPv6:2a00:1450:4864:20::329]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BAA2FC06173E for ; Fri, 17 Dec 2021 03:21:56 -0800 (PST) Received: by mail-wm1-x329.google.com with SMTP id p36-20020a05600c1da400b003457428ec78so2637163wms.3 for ; Fri, 17 Dec 2021 03:21:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:content-transfer-encoding:in-reply-to; bh=b7wCHOvs45jhnC7XuyqmlLe/ZuZPVp+HAfTPI5Xa2rc=; b=IbGU0gXI3aj7M7rsWXaz58qc6sm5aCK8trwuh7TiyxQ05QF2Ev6sza9b8Cj1+fbjFw T1el7Hw5I/roOh8tCcK/IFLPsfPHyDstzzcGCo1uunaMyBktXw1wtZVPi/+vuwR5l5vO UaEl6idd2XIcfGLv1IlrUKn/Ai/TiMXHYFqwZ7mm6MsZFwKDsWlecYwwW5+ZZZMo92Lm bitqJcDRSEjY0Fj6kKk6yZEb9zEwGM52vHQ5bzlYRAOX75ur5zfEuqCro4tzyH1jEpY4 jpAjeHUCzuNQXqwSrh0oPU0aBAd20bCxHT6MDs8jJWgmbMUimPl0Hle1Vzdst63QbdlQ TRUg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:content-transfer-encoding :in-reply-to; bh=b7wCHOvs45jhnC7XuyqmlLe/ZuZPVp+HAfTPI5Xa2rc=; b=nIcvzmhYe546npoxylZz9gdVrBgli89vptdPXDSrCexMqEjsEIM7Dhtlno99wCGXu3 GJ/2dfgbZIawLSp+M90P6pfiwg/3iLPApkMGdJG97XJ6GONjuHQyr4lopYdjNmqKZSsK S8QMCfkjPg020ljoAZ8sCZOy+Lnr1jgSRhPVvDIg/Dzo4D6XQuJMzuIeLJuzhgcbm5uZ nS55SOHFosIAsZYTSwy/QpSE4ktQnPZ4KTNCHwceLfyk4JJpId04JSybIkcYIx5Ugj61 NiEAPOyiDHNDirdqdRaNNLZYlRsWp8QqnzuNPwKEZdX76baxnQpaf+5KJL1UlgVzyFTk 62Aw== X-Gm-Message-State: AOAM531oSGXA4yjF/d5ugUZlu4LJAcp4hmKGuOIDJ0M0oHZs2x0Rwpen +7e0KEsHDBHWx7oQGSxhVkJ5xw== X-Google-Smtp-Source: ABdhPJyJc7u+feUS+x+soNm2i/bRHMLVWEnj454hUUTmnY+fjIXlM4qlznKBeLrAeEMn4fHfKRhvHQ== X-Received: by 2002:a7b:c452:: with SMTP id l18mr2318480wmi.46.1639740115302; Fri, 17 Dec 2021 03:21:55 -0800 (PST) Received: from google.com ([2.31.167.18]) by smtp.gmail.com with ESMTPSA id g3sm3725926wrp.79.2021.12.17.03.21.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 17 Dec 2021 03:21:54 -0800 (PST) Date: Fri, 17 Dec 2021 11:21:52 +0000 From: Lee Jones To: Jakub Kicinski Cc: Xin Long , LKML , Vlad Yasevich , Neil Horman , Marcelo Ricardo Leitner , "David S. Miller" , lksctp developers , "H.P. Yarroll" , Karl Knutson , Jon Grimm , Xingang Guo , Hui Huang , Sridhar Samudrala , Daisy Chang , Ryan Layer , Kevin Gao , network dev Subject: Re: [RESEND 2/2] sctp: hold cached endpoints to prevent possible UAF Message-ID: References: <20211214215732.1507504-1-lee.jones@linaro.org> <20211214215732.1507504-2-lee.jones@linaro.org> <20211215174818.65f3af5e@kicinski-fedora-pc1c0hjn.dhcp.thefacebook.com> <20211216124430.142a013c@kicinski-fedora-pc1c0hjn.dhcp.thefacebook.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20211216124430.142a013c@kicinski-fedora-pc1c0hjn.dhcp.thefacebook.com> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 16 Dec 2021, Jakub Kicinski wrote: > On Thu, 16 Dec 2021 16:39:15 +0000 Lee Jones wrote: > > > > You should squash the two patches together. > > > > I generally like patches to encapsulate functional changes. > > > > This one depends on the other, but they are not functionally related. > > > > You're the boss though - I'll squash them if you insist. > > Yes, please squash them. I'm just about to make some changes to the patches. Specifically, I'm going to make sctp_endpoint_hold() return the endpoint it incremented, in order to prevent schedule related data corruption before/after the increment of refcnt. I'm going to keep the patches separate for the time being (since I'm going to submit this before you get out of bed most likely). Just let me know if you still want them squashed, even with these additional changes (along with their explanation in the commit message), or feel free to squash them yourself if you choose to merge them. -- Lee Jones [李琼斯] Senior Technical Lead - Developer Services Linaro.org │ Open source software for Arm SoCs Follow Linaro: Facebook | Twitter | Blog