| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 06 Jul 2016 10:12:57 +0200 From: Daniel Borkmann <daniel@...earbox.net> To: David Miller <davem@...emloft.net>, alexei.starovoitov@...il.com CC: sargun@...gun.me, netdev@...r.kernel.org Subject: Re: Backport bpf: try harder on clones when writing into skb? [Commit: 3697649ff29e0f647565eed04b27a7779c646a22] On 07/06/2016 05:47 AM, David Miller wrote: > From: Alexei Starovoitov <alexei.starovoitov@...il.com> > Date: Tue, 5 Jul 2016 19:16:51 -0700 > >> On Tue, Jul 05, 2016 at 08:35:18AM -0700, Sargun Dhillon wrote: >>> Does it make sense to backport >>> 3697649ff29e0f647565eed04b27a7779c646a22 from 4.6 to the longterm >>> (4.4) release? I can trivially recreate the issue represented by >>> 3697649ff29e0f647565eed04b27a7779c646a22 by attaching a eBPF filter >>> that clones an ingress ICMP packet, and then tries to set the >>> destination MAC address. >>> >>> It seems like the patch applies cleanly to 4.4. I cherry-picked it, >>> and rebuilt my kernel, and at least in the trivial test case passes. >> >> Makes sense to me, especially since it's lts. >> Daniel, thoughts? > > I'll queued this up for 4.4 -stable. Sounds good, thanks!
Powered by blists - more mailing lists