| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 27 Oct 2010 10:29:40 -0700 (PDT) From: David Miller <davem@...emloft.net> To: torvalds@...ux-foundation.org Cc: drosenberg@...curity.com, jon.maloy@...csson.com, allan.stephens@...driver.com, netdev@...r.kernel.org, security@...nel.org Subject: Re: [Security] TIPC security issues From: Linus Torvalds <torvalds@...ux-foundation.org> Date: Thu, 21 Oct 2010 17:31:12 -0700 > Something like the appended UNTESTED patch. NOTE! it actually makes > "verify_iovec()" *change* the iovec if it grows too big. Ok I thought a bit about this patch. How we can behave here depends upon the socket type. For example, for a stream socket such as TCP a partial write is OK and we could truncate the iovec like this. That's fine. But for a datagram socket, we have to have a one-to-one correspondance between write() calls and packets on the wire. So we'd either need to accept the entire write() length or fail it with an error. verify_iovec() (currently) doesn't have the socket type information available, so it's not able to key off of that right now. I agree that cutting off these cases at a high level would be the thing to do long term, but right now verify_iovec() isn't positioned such that we can do it just yet. For now I'm going to look into specifically fixing the TIPC case and also think longer term about another way to address this at a high level. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists