lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1374940708.13555.37.camel@deadeye.wl.decadent.org.uk>
Date:	Sat, 27 Jul 2013 16:58:28 +0100
From:	Ben Hutchings <ben@...adent.org.uk>
To:	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	"David S. Miller" <davem@...emloft.net>
Cc:	linux-kernel@...r.kernel.org, stable@...r.kernel.org
Subject: Re: [ 06/79] net: Swap ver and type in pppoe_hdr

On Fri, 2013-07-26 at 13:46 -0700, Greg Kroah-Hartman wrote:
> 3.10-stable review patch.  If anyone has any objections, please let me know.
> 
> ------------------
> 
> From: Changli Gao <xiaosuo@...il.com>
> 
> [ Upstream commit b1a5a34bd0b8767ea689e68f8ea513e9710b671e ]
> 
> Ver and type in pppoe_hdr should be swapped as defined by RFC2516
> section-4.
> 
> Signed-off-by: David S. Miller <davem@...emloft.net>
> Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>

I'm not so sure this is suitable for stable.  It doesn't seem to be
helpful to either userland or kernel code.

In the kernel, we were checking that ver == 1 and type == 1 thus this
wasn't hurting us.

If userland does anything more with these fields then it's probably
already working around the swapped fields.  It can work with both old
and new headers by doing:

#if LINUX_VERSION_CODE >= KERNEL_VERSION(3,11,0)
	/* use pppoe_hdr fields normally */
#else
	/* definitions were wrong before, work around it */
#endif

If this is backported to stable, there is no usable version test.
Userland will have to bypass the bitfields entirely:

	type = *(uint8_t *)hdr & 0xf;
	ver = *(uint8_t *)hdr >> 4;

Ben.

> ---
>  include/uapi/linux/if_pppox.h |    4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> --- a/include/uapi/linux/if_pppox.h
> +++ b/include/uapi/linux/if_pppox.h
> @@ -135,11 +135,11 @@ struct pppoe_tag {
>  
>  struct pppoe_hdr {
>  #if defined(__LITTLE_ENDIAN_BITFIELD)
> -	__u8 ver : 4;
>  	__u8 type : 4;
> +	__u8 ver : 4;
>  #elif defined(__BIG_ENDIAN_BITFIELD)
> -	__u8 type : 4;
>  	__u8 ver : 4;
> +	__u8 type : 4;
>  #else
>  #error	"Please fix <asm/byteorder.h>"
>  #endif


-- 
Ben Hutchings
Once a job is fouled up, anything done to improve it makes it worse.

Download attachment "signature.asc" of type "application/pgp-signature" (829 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ