lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 09 Nov 2017 03:02:14 +0100 From: Johannes Berg <johannes@...solutions.net> To: "Jason A. Donenfeld" <Jason@...c4.com>, davem@...emloft.net, Netdev <netdev@...r.kernel.org>, linux-kernel@...r.kernel.org Subject: Re: [PATCH v3] af_netlink: ensure that NLMSG_DONE never fails in dumps On Thu, 2017-11-09 at 10:42 +0900, Jason A. Donenfeld wrote: > +++ b/net/netlink/af_netlink.c > @@ -2136,7 +2136,7 @@ static int netlink_dump(struct sock *sk) > struct sk_buff *skb = NULL; > struct nlmsghdr *nlh; > struct module *module; > - int len, err = -ENOBUFS; > + int err = -ENOBUFS; > int alloc_min_size; > int alloc_size; > > @@ -2183,9 +2183,10 @@ static int netlink_dump(struct sock *sk) > skb_reserve(skb, skb_tailroom(skb) - alloc_size); > netlink_skb_set_owner_r(skb, sk); > > - len = cb->dump(skb, cb); > + if (nlk->dump_done_errno > 0) > + nlk->dump_done_errno = cb->dump(skb, cb); > > - if (len > 0) { > + if (nlk->dump_done_errno > 0 || skb_tailroom(skb) < nlmsg_total_size(sizeof(nlk->dump_done_errno))) { > mutex_unlock(nlk->cb_mutex); nit: I think your line got a little long here :) > - memcpy(nlmsg_data(nlh), &len, sizeof(len)); > + memcpy(nlmsg_data(nlh), &nlk->dump_done_errno, sizeof(nlk->dump_done_errno)); and here > + nlk->dump_done_errno = INT_MAX; I guess positive values aren't really returned from dump? johannes
Powered by blists - more mailing lists