| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20101112012039.GB4683@canuck.infradead.org> Date: Thu, 11 Nov 2010 20:20:39 -0500 From: Thomas Graf <tgraf@...radead.org> To: Dan Rosenberg <drosenberg@...curity.com> Cc: "David S. Miller" <davem@...emloft.net>, Oliver Hartkopp <socketcan@...tkopp.net>, Alexey Kuznetsov <kuznet@....inr.ac.ru>, Urs Thuermann <urs.thuermann@...kswagen.de>, Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>, Patrick McHardy <kaber@...sh.net>, James Morris <jmorris@...ei.org>, Remi Denis-Courmont <remi.denis-courmont@...ia.com>, "Pekka Savola (ipv6)" <pekkas@...core.fi>, Sridhar Samudrala <sri@...ibm.com>, Vlad Yasevich <vladislav.yasevich@...com>, Tejun Heo <tj@...nel.org>, Eric Dumazet <eric.dumazet@...il.com>, Li Zefan <lizf@...fujitsu.com>, Joe Perches <joe@...ches.com>, Stephen Hemminger <shemminger@...tta.com>, Jamal Hadi Salim <hadi@...atatu.com>, "Eric W. Biederman" <ebiederm@...ssion.com>, Alexey Dobriyan <adobriyan@...il.com>, Jiri Pirko <jpirko@...hat.com>, Johannes Berg <johannes.berg@...el.com>, Daniel Lezcano <daniel.lezcano@...e.fr>, Pavel Emelyanov <xemul@...nvz.org>, socketcan-core@...ts.berlios.de, netdev@...r.kernel.org, linux-sctp@...r.kernel.org Subject: Re: [PATCH 3/10] Fix leaking of kernel heap addresses in net/ On Thu, Nov 11, 2010 at 08:07:03PM -0500, Dan Rosenberg wrote: > diff --git a/net/ipv4/raw.c b/net/ipv4/raw.c > index 1f85ef2..0ac8ff2 100644 > --- a/net/ipv4/raw.c > +++ b/net/ipv4/raw.c > @@ -948,13 +948,26 @@ static void raw_sock_seq_show(struct seq_file *seq, struct sock *sp, int i) > __u16 destp = 0, > srcp = inet->inet_num; > > - seq_printf(seq, "%4d: %08X:%04X %08X:%04X" > - " %02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %d\n", > - i, src, srcp, dest, destp, sp->sk_state, > - sk_wmem_alloc_get(sp), > - sk_rmem_alloc_get(sp), > - 0, 0L, 0, sock_i_uid(sp), 0, sock_i_ino(sp), > - atomic_read(&sp->sk_refcnt), sp, atomic_read(&sp->sk_drops)); > + /* Only expose kernel addresses to privileged readers */ > + if (capable(CAP_NET_ADMIN)) > + seq_printf(seq, "%4d: %08X:%04X %08X:%04X" > + " %02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %d\n", > + i, src, srcp, dest, destp, sp->sk_state, > + sk_wmem_alloc_get(sp), > + sk_rmem_alloc_get(sp), > + 0, 0L, 0, sock_i_uid(sp), 0, sock_i_ino(sp), > + atomic_read(&sp->sk_refcnt), > + sp, atomic_read(&sp->sk_drops)); > + else > + seq_printf(seq, "%4d: %08X:%04X %08X:%04X" > + " %02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %d %d\n", > + i, src, srcp, dest, destp, sp->sk_state, > + sk_wmem_alloc_get(sp), > + sk_rmem_alloc_get(sp), > + 0, 0L, 0, sock_i_uid(sp), 0, sock_i_ino(sp), > + atomic_read(&sp->sk_refcnt), > + 0, atomic_read(&sp->sk_drops)); If we really have to do this. At least don't duplicate all this code. Do the check in the printf argument: seq_printf(seq, "%4d: %08X:%04X %08X:%04X" ... capable(CAP_NET_ADMIN) ? sp : 0, I would even move the decision whether to expose kernel addresses or not to a function so we can change behavior in one place. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists