| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 11 Mar 2014 05:56:40 +0800 From: Herbert Xu <herbert@...dor.apana.org.au> To: "Michael S. Tsirkin" <mst@...hat.com> Cc: linux-kernel@...r.kernel.org, jbenc@...hat.com, David Miller <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, Daniel Borkmann <dborkman@...hat.com>, Simon Horman <horms@...ge.net.au>, Paul Durrant <Paul.Durrant@...rix.com>, Thomas Graf <tgraf@...g.ch>, Miklos Szeredi <mszeredi@...e.cz>, =?UTF-8?q?Peter=20Pan=28=E6=BD=98=E5=8D=AB=E5=B9=B3=29?= <panweiping3@...il.com>, netdev@...r.kernel.org Subject: Re: [PATCH 5/5] skbuff: skb_segment: orphan frags before copying On Mon, Mar 10, 2014 at 11:52:36PM +0200, Michael S. Tsirkin wrote: > > The cover letter has more detail: For some reason I didn't receive this cover letter. > skb_segment ... moves frags > between skbs without orphaning them. > This causes userspace to assume it's safe to > reuse the buffer, and receiver gets corrupted data. > This further might leak information from the > transmitter on the wire. > > if still unclear, pls let me know. Why can't we deal with this by simply postponing the copy until later? IOW if we pass along SKBTX_SHARED_FRAG will it work? Thanks, -- Email: Herbert Xu <herbert@...dor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists