lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 01 Oct 2020 12:43:45 -0700 (PDT)
From:   David Miller <davem@...emloft.net>
To:     colyli@...e.de
Cc:     linux-block@...r.kernel.org, linux-nvme@...ts.infradead.org,
        netdev@...r.kernel.org, open-iscsi@...glegroups.com,
        linux-scsi@...r.kernel.org, ceph-devel@...r.kernel.org,
        linux-kernel@...r.kernel.org, chaitanya.kulkarni@....com,
        cleech@...hat.com, hch@....de, amwang@...hat.com,
        eric.dumazet@...il.com, hare@...e.de, idryomov@...il.com,
        jack@...e.com, jlayton@...nel.org, axboe@...nel.dk,
        lduncan@...e.com, michaelc@...wisc.edu,
        mskorzhinskiy@...arflare.com, philipp.reisner@...bit.com,
        sagi@...mberg.me, vvs@...tuozzo.com, vbabka@...e.com
Subject: Re: [PATCH v9 0/7] Introduce sendpage_ok() to detect misused
 sendpage in network related drivers

From: Coly Li <colyli@...e.de>
Date: Thu,  1 Oct 2020 15:54:01 +0800

> This series was original by a bug fix in nvme-over-tcp driver which only
> checked whether a page was allocated from slab allcoator, but forgot to
> check its page_count: The page handled by sendpage should be neither a
> Slab page nor 0 page_count page.
> 
> As Sagi Grimberg suggested, the original fix is refind to a more common
> inline routine:
>     static inline bool sendpage_ok(struct page *page)
>     {
>         return  (!PageSlab(page) && page_count(page) >= 1);
>     }
> If sendpage_ok() returns true, the checking page can be handled by the
> concrete zero-copy sendpage method in network layer.
> 
> The v9 series has 7 patches, no change from v8 series,
> - The 1st patch in this series introduces sendpage_ok() in header file
>   include/linux/net.h.
> - The 2nd patch adds WARN_ONCE() for improper zero-copy send in
>   kernel_sendpage().
> - The 3rd patch fixes the page checking issue in nvme-over-tcp driver.
> - The 4th patch adds page_count check by using sendpage_ok() in
>   do_tcp_sendpages() as Eric Dumazet suggested.
> - The 5th and 6th patches just replace existing open coded checks with
 ...

Series applied and queued up for -stable, thank you.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ