lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 19 May 2023 14:31:58 -0700
From: Jakub Kicinski <kuba@...nel.org>
To: Taehee Yoo <ap420073@...il.com>
Cc: davem@...emloft.net, pabeni@...hat.com, edumazet@...gle.com,
 jiri@...nulli.us, j.vosburgh@...il.com, andy@...yhouse.net,
 netdev@...r.kernel.org, jarod@...hat.com, razor@...ckwall.org,
 simon.horman@...igine.com, wangyufen@...wei.com,
 syzbot+60748c96cf5c6df8e581@...kaller.appspotmail.com
Subject: Re: [PATCH net v2] net: fix stack overflow when LRO is disabled for
 virtual interfaces

On Fri, 19 May 2023 15:25:12 +0900 Taehee Yoo wrote:
> diff --git a/net/core/dev.c b/net/core/dev.c
> index 6b12d8a9d463..f051c293ffaa 100644
> --- a/net/core/dev.c
> +++ b/net/core/dev.c
> @@ -9758,6 +9758,9 @@ int __netdev_update_features(struct net_device *dev)
>                  return -1;
>          }
> 
> +       if (netif_is_bond_master(dev) || netif_is_team_master(dev))
> +               dev->features = features;
> +
>          /* some features must be disabled on lower devices when disabled
>           * on an upper device (think: bonding master or bridge)
>           */
> 
> It fixes the stack overflow problem, but I'm not sure whether updating 
> it before netdev_sync_lower_features() is safe or not.

Indeed, I don't think we can do this, udp_tunnel_drop_rx_info()
will get confused for example. Let me just apply the patch as is..

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ