| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 18 Jan 2011 09:38:11 +0000 From: Jarek Poplawski <jarkao2@...il.com> To: Pablo Neira Ayuso <pablo@...filter.org> Cc: Arthur Marsh <arthur.marsh@...ernode.on.net>, Jan Engelhardt <jengelh@...ozas.de>, Eric Dumazet <eric.dumazet@...il.com>, Linux Netdev List <netdev@...r.kernel.org>, Jamal Hadi Salim <hadi@...erus.ca> Subject: Re: inbound connection problems when "netlink: test for all flags of the NLM_F_DUMP composite" commit applied On 2011-01-16 22:17, Pablo Neira Ayuso wrote: > On 16/01/11 13:25, Arthur Marsh wrote: >> Jan Engelhardt wrote, on 16/01/11 21:20: >>> >>> Le dimanche 16 janvier 2011 Ă 19:24 +1030, Arthur Marsh a ĂŠcrit : >>>> >>>>> With kernels up to and including 2.6.37-git7, inbound telnetd-ssl >>>>> connections worked fine. With kernel 2.6.37-git9 and later inbound >>>>> telnetd-ssl connections failed, and on machine shut-down, there >>>>> were warning messages about daemons not return status. >>> >>> Which daemons are these? For reference, what distro do you happen >>> to use? >> >> avahi-daemon (which gave multiple warning messages, hence I thought it >> may have been multiple packages) >> >> I'm running Debian unstable with kernel.org kernels. >> >>> >>>>> commit 0ab03c2b1478f2438d2c80204f7fef65b1bca9cf >>>>> netlink: test for all flags of the NLM_F_DUMP composite >>> >>> Each of the hunks in this commit is independent of another. >>> Would you mind bisecting these too? >> >> Recompiling with the only the first patch (attached) resulted in a >> repeat of the problem. >> >> I've removed one person from the cc: list as they did not want to >> receive email about this even though they signed off the commit. > > Please, pass this patch to the avahi-daemon developers. They use an > invalid netlink flag combination for dump operations. Nothing in RFC suggests this is an invalid netlink flag combination, and author's implementation had suported it: ftp://ftp.rfc-editor.org/in-notes/rfc3549.txt NLM_F_DUMP is called a convenience macro only, so might be interpreted as a special kind of dump. BTW, isn't NLM_F_ATOMIC flag with NLM_F_DUMP treated as invalid now either? Even if I'm wrong, this change added to stable will break many configs. My proposal is to revert commit 0ab03c2b147 until proper fix is found. Cc: Jamal Hadi Salim <hadi@...erus.ca> Jarek P. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists