lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:	Thu, 13 Jun 2013 01:20:55 -0700 (PDT)
From:	David Miller <davem@...emloft.net>
To:	mst@...hat.com
Cc:	linux-kernel@...r.kernel.org, john.r.fastabend@...el.com,
	kaber@...sh.net, netdev@...r.kernel.org
Subject: Re: [PATCH v2] macvlan: don't touch promisc without passthrough

From: "Michael S. Tsirkin" <mst@...hat.com>
Date: Thu, 13 Jun 2013 10:07:29 +0300

> commit df8ef8f3aaa6692970a436204c4429210addb23a
> "macvlan: add FDB bridge ops and macvlan flags"
> added a way to control NOPROMISC macvlan flag through netlink.
> 
> However, with a non passthrough device we never set promisc on open,
> even if NOPROMISC is off.  As a result:
> 
> If userspace clears NOPROMISC on open, then does not clear it on a
> netlink command, promisc counter is not decremented on stop and there
> will be no way to clear it once macvlan is detached.
> 
> If userspace does not clear NOPROMISC on open, then sets NOPROMISC on a
> netlink command, promisc counter will be decremented from 0 and overflow
> to fffffffff with no way to clear promisc.
> 
> To fix, simply ignore NOPROMISC flag in a netlink command for
> non-passthrough devices, same as we do at open/close.
> 
> Since we touch this code anyway - check dev_set_promiscuity return code
> and pass it to users (though an error here is unlikely).
> 
> Cc: "David S. Miller" <davem@...emloft.net>
> Reviewed-by: John Fastabend <john.r.fastabend@...el.com>
> Signed-off-by: Michael S. Tsirkin <mst@...hat.com>

Applied, thanks.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists