aboutsummaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorHerbert Xu <herbert@gondor.apana.org.au>2008-09-22 19:48:19 -0700
committerDavid S. Miller <davem@davemloft.net>2008-09-22 19:48:19 -0700
commit5c1824587f0797373c95719a196f6098f7c6d20c (patch)
treec3a5af01afc01d88e111c7e1821b03bf404566f6 /security
parentfcaa40669cd798ca2ac0d15441e8a1d1145f2b16 (diff)
ipsec: Fix xfrm_state_walk race
As discovered by Timo Teräs, the currently xfrm_state_walk scheme is racy because if a second dump finishes before the first, we may free xfrm states that the first dump would walk over later. This patch fixes this by storing the dumps in a list in order to calculate the correct completion counter which cures this problem. I've expanded netlink_cb in order to accomodate the extra state related to this. It shouldn't be a big deal since netlink_cb is kmalloced for each dump and we're just increasing it by 4 or 8 bytes. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'security')
0 files changed, 0 insertions, 0 deletions