| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1319059016.2829.68.camel@bwh-desktop> Date: Wed, 19 Oct 2011 22:16:56 +0100 From: Ben Hutchings <bhutchings@...arflare.com> To: Richard Cochran <richardcochran@...il.com> Cc: netdev@...r.kernel.org, David Miller <davem@...emloft.net> Subject: Re: [PATCH net-next 1/1] net: validate HWTSTAMP ioctl parameters On Fri, 2011-10-14 at 11:37 +0200, Richard Cochran wrote: > This patch adds a sanity check on the values provided by user space for > the hardware time stamping configuration. If the values lie outside of > the absolute limits, then the ioctl request will be denied. [...] What does this validation buy us? The driver still has to copy the values into kernel space again, at which point they may have been changed to be invalid. Depending on how the driver uses them (perhaps as array indices), it may have to validate them again to avoid a security vulnerability. I think that either SIOCHWTSTAMP should be handled through a discrete device operation (not ndo_ioctl) which receives a pointer to the validated structure in kernel memory, or a validation function should be exported to drivers so that they can call it from their ndo_ioctl implementations after copying the structure into kernel memory. Ben. -- Ben Hutchings, Staff Engineer, Solarflare Not speaking for my employer; that's the marketing department's job. They asked us to note that Solarflare product names are trademarked. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists