lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <CD5EF2C8-DB99-467B-8048-B290BAD44D4B@oracle.com>
Date:   Wed, 11 Sep 2019 13:43:37 -0400
From:   Chuck Lever <chuck.lever@...cle.com>
To:     Benjamin Coddington <bcodding@...hat.com>
Cc:     Jason L Tibbitts III <tibbs@...h.uh.edu>,
        Bruce Fields <bfields@...ldses.org>,
        Wolfgang Walter <linux@...m.de>,
        Linux NFS Mailing List <linux-nfs@...r.kernel.org>,
        km@...all.com, linux-kernel@...r.kernel.org
Subject: Re: Regression in 5.1.20: Reading long directory fails



> On Sep 11, 2019, at 1:40 PM, Benjamin Coddington <bcodding@...hat.com> wrote:
> 
> On 11 Sep 2019, at 13:29, Chuck Lever wrote:
> 
>>> On Sep 11, 2019, at 1:26 PM, Benjamin Coddington <bcodding@...hat.com> wrote:
>>> 
>>> 
>>> On 11 Sep 2019, at 12:39, Chuck Lever wrote:
>>> 
>>>>> On Sep 11, 2019, at 12:25 PM, Benjamin Coddington <bcodding@...hat.com> wrote:
>>>>> 
>>> 
>>>>> Instead, I think we want to make sure the mic falls squarely into the tail
>>>>> every time.
>>>> 
>>>> I'm not clear how you could do that. The length of the page data is not
>>>> known to the client before it parses the reply. Are you suggesting that
>>>> gss_unwrap should do it somehow?
>>> 
>>> Is it too niave to always put the mic at the end of the tail?
>> 
>> The size of the page content is variable.
>> 
>> The only way the MIC will fall into the tail is if the page content is
>> exactly the largest expected size. When the page content is smaller than
>> that, the receive logic will place part or all of the MIC in ->pages.
> 
> Ok, right.  But what I meant is that xdr_buf_read_netobj() should be renamed
> and repurposed to be "move the mic from wherever it is to the end of
> xdr_buf's tail".
> 
> But now I see what you mean, and I also see that it is already trying to do
> that.. and we don't want to overlap the copy..
> 
> So, really, we need the tail to be larger than twice the mic.. less 1.  That
> means the fix is probably just increasing rslack for krb5i.

What's the justification for that particular maximum size? Are you sure the
page contents are not spilling into the tail?

--
Chuck Lever

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ