From: Hannes Frederic Sowa
Date: Tue, 10 Nov 2015 16:23:15 +0100
> During splicing an af-unix socket to a pipe we have to drop all
> af-unix socket locks. While doing so we allow another reader to enter
> unix_stream_read_generic which can read, copy and finally free another
> skb. If exactly thi
On Wed, Nov 11, 2015, at 21:09, Eric Dumazet wrote:
> On Wed, 2015-11-11 at 20:58 +0100, Hannes Frederic Sowa wrote:
> >
> > On Wed, Nov 11, 2015, at 20:42, Eric Dumazet wrote:
> > > On Wed, 2015-11-11 at 20:35 +0100, Hannes Frederic Sowa wrote:
> > > >
> > > > On Wed, Nov 11, 2015, at 20:28, Er
On Wed, 2015-11-11 at 20:58 +0100, Hannes Frederic Sowa wrote:
>
> On Wed, Nov 11, 2015, at 20:42, Eric Dumazet wrote:
> > On Wed, 2015-11-11 at 20:35 +0100, Hannes Frederic Sowa wrote:
> > >
> > > On Wed, Nov 11, 2015, at 20:28, Eric Dumazet wrote:
> > > > On Wed, 2015-11-11 at 20:14 +0100, Hann
On Wed, Nov 11, 2015, at 20:42, Eric Dumazet wrote:
> On Wed, 2015-11-11 at 20:35 +0100, Hannes Frederic Sowa wrote:
> >
> > On Wed, Nov 11, 2015, at 20:28, Eric Dumazet wrote:
> > > On Wed, 2015-11-11 at 20:14 +0100, Hannes Frederic Sowa wrote:
> > > > On Wed, Nov 11, 2015, at 19:58, Eric Dumaz
On Wed, 2015-11-11 at 20:35 +0100, Hannes Frederic Sowa wrote:
>
> On Wed, Nov 11, 2015, at 20:28, Eric Dumazet wrote:
> > On Wed, 2015-11-11 at 20:14 +0100, Hannes Frederic Sowa wrote:
> > > On Wed, Nov 11, 2015, at 19:58, Eric Dumazet wrote:
> >
> > > Can you elaborate?
> > >
> > > I use tail
On Wed, Nov 11, 2015, at 20:28, Eric Dumazet wrote:
> On Wed, 2015-11-11 at 20:14 +0100, Hannes Frederic Sowa wrote:
> > On Wed, Nov 11, 2015, at 19:58, Eric Dumazet wrote:
>
> > Can you elaborate?
> >
> > I use tail as a cookie and check if we already tried to append to the
> > same tail skb w
On Wed, 2015-11-11 at 20:14 +0100, Hannes Frederic Sowa wrote:
> On Wed, Nov 11, 2015, at 19:58, Eric Dumazet wrote:
> Can you elaborate?
>
> I use tail as a cookie and check if we already tried to append to the
> same tail skb with skb_append_pagefrags. If during allocation, which we
> do outsid
On Wed, Nov 11, 2015, at 20:14, Hannes Frederic Sowa wrote:
> On Wed, Nov 11, 2015, at 19:58, Eric Dumazet wrote:
> > On Tue, 2015-11-10 at 16:23 +0100, Hannes Frederic Sowa wrote:
> > > During splicing an af-unix socket to a pipe we have to drop all
> > > af-unix socket locks. While doing so we al
On Wed, Nov 11, 2015, at 19:58, Eric Dumazet wrote:
> On Tue, 2015-11-10 at 16:23 +0100, Hannes Frederic Sowa wrote:
> > During splicing an af-unix socket to a pipe we have to drop all
> > af-unix socket locks. While doing so we allow another reader to enter
> > unix_stream_read_generic which can r
On Tue, 2015-11-10 at 16:23 +0100, Hannes Frederic Sowa wrote:
> During splicing an af-unix socket to a pipe we have to drop all
> af-unix socket locks. While doing so we allow another reader to enter
> unix_stream_read_generic which can read, copy and finally free another
> skb. If exactly this sk
During splicing an af-unix socket to a pipe we have to drop all
af-unix socket locks. While doing so we allow another reader to enter
unix_stream_read_generic which can read, copy and finally free another
skb. If exactly this skb is just in process of being spliced we get a
use-after-free report by
11 matches
Mail list logo
