| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 12 Jan 2017 13:28:52 -0700
From: David Ahern <dsa@...ulusnetworks.com>
To: "Chacon, Carlos A" <carlos.chacon@...ech.edu>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>
Cc: "steffen.klassert@...unet.com" <steffen.klassert@...unet.com>
Subject: Re: [Patch] Fixing order of trinary operator when assigning the
ifindex in XFRM Decode Session
Hi Carlos:
patches sent to netdev should be plain text only. Using git send-email would be best.
Also, the Subject line should start with the area affected (e.g., net: xfrm:) and really should be a bit shorter. e.g., something like this:
[PATCH] net: xfrm: fix flow oif in decode_session
On 1/12/17 1:01 PM, Chacon, Carlos A wrote:
>
> Author: Carlos Chacon <carlos.chacon@...ech.edu>
> Date: Thu Jan 12 11:42:32 2017 -0800
>
> Fixing order of trinary operator when assigning the ifindex in XFRM Decode Session
>
> For xfrm4_policy.c:_decode_session4 and xfrm6_policy.c:_decode_session6 the line
> fl4->flowi4_oif = reverse ? skb->skb_iif : oif;
> fl6->flowi6_oif = reverse ? skb->skb_iif : oif;
> is assigning the incorrect oif to the flow_oif. It should read:
> reverse ? oif : skb->skb_iif;
> The "reverse" variable is defined in net/xfrm/xfrm_policy.c:__xfrm_policy_check
> when it checks if the dir is above the XFRM_POLICY_MASK if this returns false
> it reverses the ifindex, but it should only reverse if it returns true.
The above explanation suggests the reverse flag in __xfrm_policy_check should be fixed. Can you check that and maybe __xfrm_policy_check2 as well?
Powered by blists - more mailing lists