lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20080827145242.GU20815@postel.suug.ch>
Date:	Wed, 27 Aug 2008 16:52:42 +0200
From:	Thomas Graf <tgraf@...g.ch>
To:	"Duyck, Alexander H" <alexander.h.duyck@...el.com>
Cc:	David Miller <davem@...emloft.net>,
	"Kirsher, Jeffrey T" <jeffrey.t.kirsher@...el.com>,
	"jeff@...zik.org" <jeff@...zik.org>,
	"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
	"shemminger@...l.org" <shemminger@...l.org>,
	"kaber@...sh.net" <kaber@...sh.net>
Subject: Re: [PATCH 2/3] netlink: nla_parse_nested_compat was not parsing nested attributes

* Duyck, Alexander H <alexander.h.duyck@...el.com> 2008-08-22 10:40
> I figured I would CC Stephen Hemminger and Patrick McHardy since they also will likely have an interest in this.
> 
> Just to put together a quick history on this issue I will list off how things got to where they are:
> 
> 1.  "[NET_SCHED]: sch_netem: use nla_parse_nested_compat" (http://marc.info/?l=linux-netdev&m=120110639320780&w=2) from Patrick McHardy.  After this patch netem started reporting "bytes leftover after parsing attributes" errors as it wasn't actually receiving a nested compat attribute.  This patch was added around 2.6.25-rc1.
> 
> 2.  "[NETLINK]: Fix nla_parse_nested_compat() to call nla_parse() directly" (http://marc.info/?l=linux-netdev&m=121145625328370&w=2) from Thomas Graf.  This resolved the errors but in turn any netlink messages that generated correct nested netlink attributes would have those attributes ignored as they would be automatically parsed out as one attribute with a length of all the nested attributes.  This patch was added around 2.6.26-rc4.

This patch was necessary as patch 1 broke the kernel ABI. It not only
resulted in leftover warnings, it resulted in the interpreation of
data with a 4 bytes offset which caused random configuration mess.

"Correct" nested netlink attributes are not supposed to be parsed
using nla_parse_nested_compat(), nla_parse_nested_compat() is
exclusively for attributes which contain a list of nested attributes
without a container attribute.

> Patches 3 & 4 haven't been applied yet and are under review:
> 
> 3.  "[PATCH 2/3] netlink: nla_parse_nested_compat was not parsing nested attributes" (http://marc.info/?l=linux-netdev&m=121936623112195&w=2) from me.  This reverts patch 2.
> 
> 4.  "[PATCH] IPROUTE: correct nla nested message generated by netem_parse_opt" (http://marc.info/?l=linux-netdev&m=121936623112195&w=2) from me.  This patch changes iproute2 netem_parse_opt to generate a correctly formatted set of nested compat attributes that can be parsed after the introduction of patch 1.

You can't change ABI! What your patches do is to generate new style nested
attributes and change nla_parse_nested_compat() to follow the same
semantisc as nla_parse_nested(). The _compat() is there for a reason.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ