Date:	Thu, 24 Apr 2008 11:52:01 -0600
From:	David Stevens <dlstevens@...ibm.com>
To:	YOSHIFUJI Hideaki / 吉藤英明 
	<yoshfuji@...ux-ipv6.org>
Cc:	davem@...emloft.net, netdev@...r.kernel.org,
	netdev-owner@...r.kernel.org, yoshfuji@...ux-ipv6.org
Subject: Re: [GIT PULL] [IPV6] COMPAT: Fix SSM applications on 64bit kernels.

I was looking at this problem too, and below is what I have at the
moment. I've only tested the group_req portion, and I was looking
at putting this in net/compat.c with hooks back, since the code is
literally identical for IPv4 except the sockopt function you call at
the end, but I've moved it to ipv6_sockglue.c for this patch.

This touches a lot less code and I think comes out a lot smaller.

Method is to translate to padded version on the user stack, make
the call, and translate back (in the MSFILTER case) on return, as
is done for some other compat functions.

                                        +-DLS

inline for viewing, attached for applying, and no signed-off line
since I have completed it; just for discussion.

--- linux-2.6.18.ppc64/net/ipv6/ipv6_sockglue.c 2008-04-21 
13:51:02.000000000 -0700
+++ linux-2.6.18.ppc64DLS1/net/ipv6/ipv6_sockglue.c     2008-04-24 
02:20:23.000000000 -0700
@@ -39,6 +39,7 @@
 #include <linux/init.h>
 #include <linux/sysctl.h>
 #include <linux/netfilter.h>
+#include <linux/compat.h>
 
 #include <net/sock.h>
 #include <net/snmp.h>
@@ -754,6 +755,27 @@ int ipv6_setsockopt(struct sock *sk, int
 
 
 #ifdef CONFIG_COMPAT
+
+struct compat_group_req {
+       __u32                                   gr_interface;
+       struct __kernel_sockaddr_storage        gr_group;
+} __attribute__ ((packed));
+
+struct compat_group_source_req {
+       __u32                                   gsr_interface;
+       struct __kernel_sockaddr_storage        gsr_group;
+       struct __kernel_sockaddr_storage        gsr_source;
+} __attribute__ ((packed));
+
+struct compat_group_filter {
+       __u32                                   gf_interface;
+       struct __kernel_sockaddr_storage        gf_group;
+       __u32                                   gf_fmode;
+       __u32                                   gf_numsrc;
+       struct __kernel_sockaddr_storage        gf_slist[1];
+} __attribute__ ((packed));
+
+
 int compat_ipv6_setsockopt(struct sock *sk, int level, int optname,
                           char __user *optval, int optlen)
 {
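Review bot: The three compat structs added above carry no comment saying which ABI they describe or why they are `packed`, and the whole translation depends on that layout. A short header comment would help, for example `/* 32-bit userland layouts of group_req, group_source_req and group_filter; packed so the sockaddr_storage member follows the __u32 interface index at offset 4 */`. The native 64-bit structs presumably pad that member to an 8-byte boundary, which is worth stating in the same comment once confirmed. `gf_slist[1]` also deserves a note that it is a variable-length tail sized by `gf_numsrc`, because `sizeof(struct compat_group_filter)` then covers only one source entry.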
@@ -769,6 +791,95 @@ int compat_ipv6_setsockopt(struct sock *
        if (level != SOL_IPV6)
                return -ENOPROTOOPT;
 
+       switch (optname) {
+       case MCAST_JOIN_GROUP:
+       case MCAST_LEAVE_GROUP:
+       {
+               struct compat_group_req __user *gr32 = (void *)optval;
+               struct group_req __user *kgr =
+                       compat_alloc_user_space(sizeof(struct group_req));
+               u32 interface;
+
+               if (!access_ok(VERIFY_READ, gr32, sizeof(*gr32)) ||
+                   !access_ok(VERIFY_WRITE, kgr, sizeof(struct 
group_req)) ||
+                   __get_user(interface, &gr32->gr_interface) ||
+                   __put_user(interface, &kgr->gr_interface) ||
+                   __copy_tofrom_user(&kgr->gr_group, &gr32->gr_group,
+                               sizeof(kgr->gr_group)))
+                       return -EFAULT;
+               return do_ipv6_setsockopt(sk, level, optname,
+                       (char __user *)kgr, sizeof(struct group_req));
+       }
+       case MCAST_JOIN_SOURCE_GROUP:
+       case MCAST_LEAVE_SOURCE_GROUP:
+       case MCAST_BLOCK_SOURCE:
+       case MCAST_UNBLOCK_SOURCE:
+       {
+               struct compat_group_source_req __user *gsr32 = (void 
*)optval;
+               struct group_source_req *kgsr = compat_alloc_user_space(
+                       sizeof(struct group_source_req));
+               u32 interface;
+
+               if (!access_ok(VERIFY_READ, gsr32, sizeof(*gsr32)) ||
+                   !access_ok(VERIFY_WRITE, kgsr,
+                       sizeof(struct group_source_req)) ||
+                   __get_user(interface, &gsr32->gsr_interface) ||
+                   __put_user(interface, &kgsr->gsr_interface) ||
+                   __copy_tofrom_user(&kgsr->gsr_group, 
&gsr32->gsr_group,
+                               sizeof(kgsr->gsr_group)) ||
+                   __copy_tofrom_user(&kgsr->gsr_source, 
&gsr32->gsr_source,
+                               sizeof(kgsr->gsr_source)))
+                       return -EFAULT;
+               return do_ipv6_setsockopt(sk, level, optname,
+                       (char __user *)kgsr, sizeof(struct 
group_source_req));
+       }
+       case MCAST_MSFILTER:
+       {
+               struct compat_group_filter __user *gf32 = (void *)optval;
+               struct group_filter *kgf;
+               u32 interface, fmode, numsrc;
+               int len;
+
+               if (!access_ok(VERIFY_READ, gf32, sizeof(*gf32)) ||
+                   __get_user(interface, &gf32->gf_interface) ||
+                   __get_user(fmode, &gf32->gf_fmode) ||
+                   __get_user(numsrc, &gf32->gf_numsrc))
+                       return -EFAULT;
+               if (optlen < GROUP_FILTER_SIZE(0))
+                       return -EINVAL;
+               len = GROUP_FILTER_SIZE(numsrc);
+               len = len < optlen ? len : optlen;
+               kgf = compat_alloc_user_space(len);
+               if (!access_ok(VERIFY_WRITE, kgf, len) ||
+                   __put_user(interface, &kgf->gf_interface) ||
+                   __put_user(fmode, &kgf->gf_fmode) ||
+                   __put_user(numsrc, &kgf->gf_numsrc) ||
+                   __copy_tofrom_user(&kgf->gf_group, &gf32->gf_group,
+                               sizeof(kgf->gf_group)) ||
+                   (numsrc && __copy_tofrom_user(&kgf->gf_slist,
+                               &gf32->gf_slist, len - 
GROUP_FILTER_SIZE(0))))
+                       return -EFAULT;
+               err = do_ipv6_setsockopt(sk, level, optname,
+                       (char __user *)kgf, len);
+               if (!access_ok(VERIFY_WRITE, gf32, sizeof(*gf32)) ||
+                   __get_user(interface, &kgf->gf_interface) ||
+                   __put_user(interface, &gf32->gf_interface) ||
+                   __get_user(fmode, &kgf->gf_fmode) ||
+                   __put_user(fmode, &gf32->gf_fmode) ||
+                   __get_user(numsrc, &kgf->gf_numsrc) ||
+                   __put_user(numsrc, &gf32->gf_numsrc) ||
+                   __copy_tofrom_user(&gf32->gf_group, &kgf->gf_group,
+                               sizeof(gf32->gf_group)) ||
+                   (numsrc && __copy_tofrom_user(&gf32->gf_slist,
+                               &kgf->gf_slist, len - 
GROUP_FILTER_SIZE(0))))
+                       return -EFAULT;
+               return err;
+       }
+
+       default:
+               break;
+       }
+
        err = do_ipv6_setsockopt(sk, level, optname, optval, optlen);
 #ifdef CONFIG_NETFILTER
        /* we need to exclude all possible ENOPROTOOPTs except default 
case */
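Review bot: In the MCAST_MSFILTER case the source-list copies run outside the range that was validated. Both `access_ok()` calls on `gf32` cover only `sizeof(*gf32)` (a single `gf_slist` entry), while the unchecked `__copy_tofrom_user()` calls move `len - GROUP_FILTER_SIZE(0)` bytes from and back to `gf32->gf_slist`, a length derived from caller-supplied `gf_numsrc` and `optlen`. The check should cover what is actually copied, e.g. `access_ok(VERIFY_READ, gf32, optlen)` after rejecting `optlen < offsetof(struct compat_group_filter, gf_slist)`, or the copies should use the range-checked, portable `copy_in_user()`. `numsrc` should also be bounded before `GROUP_FILTER_SIZE(numsrc)` is stored in `int len`, since a large value can truncate or go negative there. The arithmetic also mixes layouts: `GROUP_FILTER_SIZE(0)` is the native header size, so a correctly sized 32-bit buffer looks a few bytes short and the last source entry is probably truncated. The write-back after `do_ipv6_setsockopt()` runs even when `err` is non-zero. Separately, the group_req and group_source_req cases never compare `optlen` with the compat struct size before reading it.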


Download attachment "mc_compat1.patch" of type "application/octet-stream" (4564 bytes)
