lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 17 Sep 2022 08:46:36 -0700
From:   Stanislav Fomichev <sdf@...gle.com>
To:     Lorenz Bauer <oss@....io>
Cc:     shaozhengchao@...wei.com, ast@...nel.org, daniel@...earbox.net,
        bpf@...r.kernel.org, linux-kernel@...r.kernel.org,
        yuehaibing@...wei.com
Subject: Re: [PATCH v4,bpf-next] bpf: Don't redirect packets with invalid pkt_len

On Wed, Sep 14, 2022 at 4:20 AM Lorenz Bauer <oss@....io> wrote:
>
> Hi,
>
> I think this patch is causing user-space breakage, see [0].
>
> The gist is that we do BPF_PROG_RUN of a socket filter with 14 byte input to determine whether
> BPF_PROG_RUN is available or not. I'll fix this in cilium/ebpf, but I think this patch
> needs more work since users may be doing the same thing in their code.

Ooops, sorry about that.

Instead of rejecting len=0 data, we might accept the packet but add
some safe header? I think that should be more backwards compatible?
Zhengchao, something you can look into?


> Thanks,
> Lorenz
>
> 0: https://github.com/cilium/ebpf/pull/788

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ