| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 16 Apr 2019 22:19:39 +0200
From: Arnd Bergmann <arnd@...db.de>
To: Alexander Viro <viro@...iv.linux.org.uk>
Cc: linux-fsdevel@...r.kernel.org, y2038@...ts.linaro.org,
linux-kernel@...r.kernel.org, Arnd Bergmann <arnd@...db.de>,
Guillaume Nault <g.nault@...halink.fr>,
Michal Ostrowski <mostrows@...thlink.net>,
"David S. Miller" <davem@...emloft.net>, netdev@...r.kernel.org
Subject: [PATCH v3 01/26] compat_ioctl: pppoe: fix PPPOEIOCSFWD handling
Support for handling the PPPOEIOCSFWD ioctl in compat mode was added in
linux-2.5.69 along with hundreds of other commands, but was always broken
sincen only the structure is compatible, but the command number is not,
due to the size being sizeof(size_t), or at first sizeof(sizeof((struct
sockaddr_pppox)), which is different on 64-bit architectures.
Guillaume Nault adds:
And the implementation was broken until 2016 (see 29e73269aa4d ("pppoe:
fix reference counting in PPPoE proxy")), and nobody ever noticed. I
should probably have removed this ioctl entirely instead of fixing it.
Clearly, it has never been used.
Fix it by defining a separate command code that matches the 32-bit
version, and marking that one as compatible. As long as we keep the
native ioctl, it seems best to also have the compat version working.
This should apply to all stable kernels.
Acked-by: Guillaume Nault <g.nault@...halink.fr>
Signed-off-by: Arnd Bergmann <arnd@...db.de>
---
drivers/net/ppp/pppoe.c | 4 ++++
fs/compat_ioctl.c | 2 +-
include/linux/if_pppox.h | 2 ++
3 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/drivers/net/ppp/pppoe.c b/drivers/net/ppp/pppoe.c
index f22639f0116a..c5e7435db86c 100644
--- a/drivers/net/ppp/pppoe.c
+++ b/drivers/net/ppp/pppoe.c
@@ -57,6 +57,7 @@
*
*/
+#include <linux/compat.h>
#include <linux/string.h>
#include <linux/module.h>
#include <linux/kernel.h>
@@ -784,6 +785,9 @@ static int pppoe_ioctl(struct socket *sock, unsigned int cmd,
err = 0;
break;
+#ifdef CONFIG_COMPAT
+ case PPPOEIOCSFWD32:
+#endif
case PPPOEIOCSFWD:
{
struct pppox_sock *relay_po;
diff --git a/fs/compat_ioctl.c b/fs/compat_ioctl.c
index 6e30949d9f77..f1065d116b55 100644
--- a/fs/compat_ioctl.c
+++ b/fs/compat_ioctl.c
@@ -639,7 +639,7 @@ COMPATIBLE_IOCTL(PPPIOCATTCHAN)
COMPATIBLE_IOCTL(PPPIOCGCHAN)
COMPATIBLE_IOCTL(PPPIOCGL2TPSTATS)
/* PPPOX */
-COMPATIBLE_IOCTL(PPPOEIOCSFWD)
+COMPATIBLE_IOCTL(PPPOEIOCSFWD32)
COMPATIBLE_IOCTL(PPPOEIOCDFWD)
/* Big A */
/* sparc only */
diff --git a/include/linux/if_pppox.h b/include/linux/if_pppox.h
index ba7a9b0c7c57..d221f1465f41 100644
--- a/include/linux/if_pppox.h
+++ b/include/linux/if_pppox.h
@@ -85,6 +85,8 @@ extern void unregister_pppox_proto(int proto_num);
extern void pppox_unbind_sock(struct sock *sk);/* delete ppp-channel binding */
extern int pppox_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg);
+#define PPPOEIOCSFWD32 _IOW(0xB1 ,0, compat_size_t)
+
/* PPPoX socket states */
enum {
PPPOX_NONE = 0, /* initial state */
--
2.20.0
Powered by blists - more mailing lists