| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <57607309.3000600@gmail.com>
Date: Tue, 14 Jun 2016 22:11:37 +0100
From: Sudip Mukherjee <sudipm.mukherjee@...il.com>
To: Ben Hutchings <ben@...adent.org.uk>, linux-kernel@...r.kernel.org,
stable@...r.kernel.org
CC: akpm@...ux-foundation.org,
Linus Torvalds <torvalds@...ux-foundation.org>,
Doug Ledford <dledford@...hat.com>,
Jason Gunthorpe <jgunthorpe@...idianresearch.com>,
Jann Horn <jann@...jh.net>
Subject: Re: [PATCH 3.2 31/46] IB/security: Restrict use of the write() interface
On Sunday 12 June 2016 10:34 PM, Ben Hutchings wrote:
> 3.2.81-rc1 review patch. If anyone has any objections, please let me know.
>
> ------------------
>
> From: Jason Gunthorpe <jgunthorpe@...idianresearch.com>
>
> commit e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3 upstream.
>
> The drivers/infiniband stack uses write() as a replacement for
> bi-directional ioctl(). This is not safe. There are ways to
> trigger write calls that result in the return structure that
> is normally written to user space being shunted off to user
> specified kernel memory instead.
>
<snip>
> Signed-off-by: Ben Hutchings <ben@...adent.org.uk>
> ---
> --- a/drivers/infiniband/core/ucm.c
> +++ b/drivers/infiniband/core/ucm.c
> @@ -48,6 +48,7 @@
>
> #include <asm/uaccess.h>
>
> +#include <rdma/ib.h>
This is breaking the build. There is no rdma/ib.h . The file was created by:
8d36eb01da5d ("RDMA/cma: Define native IB address")
build log is at: https://gitlab.com/sudipm/linux-next/builds/1771265
Regards
Sudip
Powered by blists - more mailing lists