| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 18 Jan 2011 20:26:42 +0100
From: Alessandro Suardi <alessandro.suardi@...il.com>
To: Jarek Poplawski <jarkao2@...il.com>
Cc: Jan Engelhardt <jengelh@...ozas.de>, jamal <hadi@...erus.ca>,
David Miller <davem@...emloft.net>, pablo@...filter.org,
arthur.marsh@...ernode.on.net, eric.dumazet@...il.com,
netdev@...r.kernel.org
Subject: Re: inbound connection problems when "netlink: test for all flags of
the NLM_F_DUMP composite" commit applied
On Tue, Jan 18, 2011 at 7:47 PM, Jarek Poplawski <jarkao2@...il.com> wrote:
> On Tue, Jan 18, 2011 at 07:28:52PM +0100, Jarek Poplawski wrote:
>> On Tue, Jan 18, 2011 at 07:24:40PM +0100, Jan Engelhardt wrote:
>> >
>> > On Tuesday 2011-01-18 19:10, Alessandro Suardi wrote:
>> > >On Tue, Jan 18, 2011 at 6:23 PM, Jarek Poplawski <jarkao2@...il.com> wrote:
>> > >>
>> > >> NLM_F_DUMP flags should be applied to GET requests only, eg. rtnetlink
>> > >> tests message type to verify this. Since genetlink can't do the same
>> > >> use "practical" test for ops->dumpit (assuming NEW request won't be
>> > >> mixed with GET).
>> ...
>> > >2.6.37-git18 + netlink revert + this patch
>> > > - fixes Avahi
>> > > - breaks acpid
>> > >Starting acpi daemon: RTNETLINK1 answers: Operation not supported
>> > >acpid: error talking to the kernel via netlink
>> >
>> > Deducing from that, it is a GET-like request that was sent by acpid,
>> > and the message type is one that has both a dumpit and a doit function.
>> > So if EOPNOTSUPP now occurs on all message types that have both dumpit
>> > and doit, you should have broken a lot more than just acpid.
>>
>> Right, we need something better here.
>
> On the other hand, until there is something better, we might try to
> fix it at least for "normal" dumpit cases?
>
> Alessandro, could you try (with the netlink revert)?
>
> Thanks,
> Jarek P.
>
> ---
> diff -Nurp a/net/netlink/genetlink.c b/net/netlink/genetlink.c
> --- a/net/netlink/genetlink.c 2011-01-18 16:58:16.000000000 +0100
> +++ b/net/netlink/genetlink.c 2011-01-18 19:36:25.000000000 +0100
> @@ -519,15 +519,14 @@ static int genl_rcv_msg(struct sk_buff *
> security_netlink_recv(skb, CAP_NET_ADMIN))
> return -EPERM;
>
> - if (nlh->nlmsg_flags & NLM_F_DUMP) {
> - if (ops->dumpit == NULL)
> - return -EOPNOTSUPP;
> -
> - genl_unlock();
> - err = netlink_dump_start(net->genl_sock, skb, nlh,
> - ops->dumpit, ops->done);
> - genl_lock();
> - return err;
> + if (ops->dumpit) {
> + if (nlh->nlmsg_flags & NLM_F_DUMP) {
> + genl_unlock();
> + err = netlink_dump_start(net->genl_sock, skb, nlh,
> + ops->dumpit, ops->done);
> + genl_lock();
> + return err;
> + }
> }
>
> if (ops->doit == NULL)
>
Sure enough :)
2.6.37-git18 + netlink revert + this 2nd attempt
appears to be good for me - both Avahi and acpid start up fine and I
can't see any other program misbehaving.
Thanks, ciao,
--alessandro
"There's always a siren singing you to shipwreck"
(Radiohead, "There There")
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists