| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 04 Mar 2016 03:22:54 +0100
From: Daniel Borkmann <daniel@...earbox.net>
To: Cong Wang <xiyou.wangcong@...il.com>
CC: David Miller <davem@...emloft.net>, Thomas Graf <tgraf@...g.ch>,
Pravin B Shelar <pshelar@...ira.com>, jesse@...nel.org,
Linux Kernel Network Developers <netdev@...r.kernel.org>
Subject: Re: [PATCH net] vxlan: fix missing options_len update on RX with
collect metadata
On 03/04/2016 01:16 AM, Cong Wang wrote:
> On Thu, Mar 3, 2016 at 12:58 AM, Daniel Borkmann <daniel@...earbox.net> wrote:
>> On 03/03/2016 02:21 AM, Cong Wang wrote:
>>>
>>> Why not set it in tun_rx_dst() where it is allocated?
>>
>> Nope, current convention is to only fill options_len when an actual
>> option was detected on RX, f.e. see ip_tunnel_info_opts_set() in
>> geneve. Consumers like ovs_flow_key_extract() check for options_len
>> and not TUNNEL_OPTIONS_PRESENT to copy it via ip_tunnel_info_opts_get()
>> from there.
>
> But the APIs suck...
>
> You expect to use ip_tunnel_info_opts_{get,set}() to read or write
> the tun_info, but actually this is not the case here for vxlan.
Yep, since depending on the working mode either skb->mark is populated
or the tunnel opts buffer.
> Also, ip_tunnel_info_opts_set() could write out of range if the len is
> bigger than the allocated length. I know existing callers are fine, but this API
> is problematic.
Current call sites are good agree, API could probably be better, yeah.
> I think this is why we had this bug.
Powered by blists - more mailing lists