| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250528162607.GF1484967@horms.kernel.org> Date: Wed, 28 May 2025 17:26:07 +0100 From: Simon Horman <horms@...nel.org> To: David Howells <dhowells@...hat.com> Cc: netdev@...r.kernel.org, Dan Carpenter <dan.carpenter@...aro.org>, Marc Dionne <marc.dionne@...istor.com>, Jakub Kicinski <kuba@...nel.org>, "David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, Paolo Abeni <pabeni@...hat.com>, linux-afs@...ts.infradead.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH net-next] rxrpc: Fix return from none_validate_challenge() On Tue, May 27, 2025 at 04:01:43PM +0100, David Howells wrote: > Fix the return value of none_validate_challenge() to be explicitly true > (which indicates the source packet should simply be discarded) rather than > implicitly true (because rxrpc_abort_conn() always returns -EPROTO which > gets converted to true). > > Note that this change doesn't change the behaviour of the code (which is > correct by accident) and, in any case, we *shouldn't* get a CHALLENGE > packet to an rxnull connection (ie. no security). > > Reported-by: Dan Carpenter <dan.carpenter@...aro.org> > Closes: https://lists.infradead.org/pipermail/linux-afs/2025-April/009738.html > Signed-off-by: David Howells <dhowells@...hat.com> ... Reviewed-by: Simon Horman <horms@...nel.org>
Powered by blists - more mailing lists