| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CANn89iLdtfoYDVoszduyKCpmZpYcpV2=UnwbjAzH0G08nzNwbw@mail.gmail.com>
Date: Tue, 22 Nov 2016 09:46:52 -0800
From: Eric Dumazet <edumazet@...gle.com>
To: "Duyck, Alexander H" <alexander.h.duyck@...el.com>
Cc: "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>,
"maan@...bingen.mpg.de" <maan@...bingen.mpg.de>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"ast@...nel.org" <ast@...nel.org>,
"stable@...r.kernel.org" <stable@...r.kernel.org>,
"willemb@...gle.com" <willemb@...gle.com>,
"jslaby@...e.cz" <jslaby@...e.cz>,
"davem@...emloft.net" <davem@...emloft.net>,
"yibyang@...co.com" <yibyang@...co.com>
Subject: Re: Linux 4.4.34
.
>
> I was wondering if we shouldn't just cap all cases?
>
> It seems like this could potentially return a value greater than skb-
>>len in the "good" case since things like IP header length isn't
> validated other then making sure it meets the minimum value, and if
> there isn't a recognized L4 header after that we could return that as a
> final value.
>
I honestly think you are looking at the wrong causes.
This is an aliasing problem.
Tom code is hard to read and understand.
Andre, could you try :
diff --git a/net/core/flow_dissector.c b/net/core/flow_dissector.c
index 69e4463a4b1b..b045980faaea 100644
--- a/net/core/flow_dissector.c
+++ b/net/core/flow_dissector.c
@@ -157,6 +157,7 @@ bool __skb_flow_dissect(const struct sk_buff *skb,
memcpy(key_eth_addrs, ð->h_dest, sizeof(*key_eth_addrs));
}
+ barrier();
again:
switch (proto) {
case htons(ETH_P_IP): {
Powered by blists - more mailing lists