| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 3 Feb 2015 13:24:32 +0100 From: Steffen Klassert <steffen.klassert@...unet.com> To: Nicolas Dichtel <nicolas.dichtel@...nd.com> CC: Fan Du <fan.du@...el.com>, <herbert@...dor.apana.org.au>, <davem@...emloft.net>, <netdev@...r.kernel.org>, <fengyuleidian0615@...il.com> Subject: Re: [PATCHv3, ipsec-next] xfrm: Do not parse 32bits compiled xfrm netlink msg on 64bits host On Mon, Feb 02, 2015 at 10:02:50AM +0100, Nicolas Dichtel wrote: > Le 02/02/2015 09:44, Steffen Klassert a écrit : > >On Thu, Jan 29, 2015 at 11:29:51AM +0100, Nicolas Dichtel wrote: > [snip] > >> > >>The point I try to make is that patching userland apps allows to use xfrm on a > >>32bits userland / 64bits kernel. > > > >Ugh, I did not know that this is used that way. Which applications do this? > >So the situation is worse than I thought. What happens to such applications > >if we add a compat layer in the kernel? I'd guess they will break, right? > A compat layer will be perfect. I just wanted to highlight the fact that without > this patch, it's possible to have a workaround to use netlink-xfrm and after it, > it will be impossible. You did not answer my question about the applications that do this. If it is just possible, but there are no actual users, we should apply this patch as soon as possible to avoid any abuse of this ABI. I tend to apply this patch unless you can come up with a real world application that will break if we do so. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists