| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 31 May 2009 19:40:16 -0400 From: jamal <hadi@...erus.ca> To: Jarek Poplawski <jarkao2@...il.com> Cc: Minoru Usui <usui@....nes.nec.co.jp>, netdev@...r.kernel.org, containers@...ts.linux-foundation.org Subject: Re: [BUG] net_cls: Panic occured when net_cls subsystem use On Sun, 2009-05-31 at 21:55 +0200, Jarek Poplawski wrote: > But then, there could be "tc filter replace" with only this > (n->nlmsg_type == RTM_NEWTFILTER && (n->nlmsg_flags&(NLM_F_CREATE))) > which can't get here with a newly created tp, I guess. Right - because in that case tp would already exist and would be found in the lookup. > I'm almost sure these commands (right or wrong) can trigger such a > leak: > > $ sudo tc qdisc add dev lo root handle 1: htb > $ sudo tc filter add dev lo proto ip pref 1 handle 800::1 u32 match u32 0 0 classid 1:1 > $ sudo tc filter add dev lo proto ip pref 2 handle 800::1 u32 match u32 0 0 classid 1:1 > RTNETLINK answers: File exists You are good - A tip of my hat and a wag of my finger at you;-> Ok, now i looked a lot closer at all 8 classifiers and u32 is the only one that can fault. It just needs to be fixed. I will wait until Minoru's patch and then i will submit a fix for it. Of course the commands from user space are a little rude ;-> cheers, jamal -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists