lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <50EC5BE7.3090401@openwrt.org>
Date:	Tue, 08 Jan 2013 18:48:23 +0100
From:	Florian Fainelli <florian@...nwrt.org>
To:	Vlad Yasevich <vyasevich@...il.com>
CC:	Neil Horman <nhorman@...driver.com>, netdev@...r.kernel.org,
	David Miller <davem@...emloft.net>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	linux-sctp@...r.kernel.org
Subject: Re: [PATCH v2] sctp: Change defaults on cookie hmac selection

Le 01/07/13 17:39, Vlad Yasevich a écrit :
>>
>>> Would that save all the config trouble?
>>>
>> Yes, it would fix it as Florian has noted, but at the cost of 
>> silently modifying
>> what the default hmac config vaule is.  If you've expressly disabled
>> SCTP_COOKIE_HMAC_MD5, and then blindly take the default choice in the
>> SCTP_DEFAULT_COOKIE selection option (the default default as it 
>> were), using the
>> approach your suggesting, then that will silently enable 
>> SCTP_COOKIE_HMAC_MD5
>> again, which may not be expected by users.  If you expressly have a 
>> config
>> option disabled in an old configuration, we should leave it there.
>
> GACK.  Just reproduced this and I really don't like this infinite loop 
> of choice prompts.  That's a horrible bug and we need to fix this.
>
> I don't think overriding the value is that big of a deal, especially 
> considering that this is exactly what 'make menuconfig' and other 
> graphical configs will do.
> If I start with:
>     CONFIG_IP_SCTP=m
>     CONFIG_NET_SCTPPROBE=m
>     # CONFIG_SCTP_DBG_MSG is not set
>     # CONFIG_SCTP_DBG_OBJCNT is not set
>     # CONFIG_SCTP_HMAC_NONE is not set
>     CONFIG_SCTP_HMAC_SHA1=y
>     # CONFIG_SCTP_HMAC_MD5 is not set
>
> then run:
>     yes "" | make oldconfig
>
> I get an infinite loop.
>
> If I run "make menuconfig", I get:
>     CONFIG_IP_SCTP=m
>     CONFIG_NET_SCTPPROBE=m
>     # CONFIG_SCTP_DBG_MSG is not set
>     # CONFIG_SCTP_DBG_OBJCNT is not set
>     CONFIG_SCTP_DEFAULT_COOKIE_HMAC_MD5=y
>     # CONFIG_SCTP_DEFAULT_COOKIE_HMAC_SHA1 is not set
>     # CONFIG_SCTP_DEFAULT_COOKIE_HMAC_NONE is not set
>     CONFIG_SCTP_COOKIE_HMAC_MD5=y
>     # CONFIG_SCTP_COOKIE_HMAC_SHA1 is not set
>
> Note, that SHA1 is now overridden with MD5.
>
> If I change the value of the default choice in Kconfig, the behavior 
> between oldconfig and menuconfig is the same.

Right, the issue is as simple as there is no default *valid* config 
symbol being proposed. In any case Neil's patch changes both config 
symbol names such that they are non-existent when transitionning from a 
pre-3.8-rc config and a 3.8-rc config. The following patch fixes this 
for me:

 From c8e277512bafafc009a3fbf889c78d6b6a06d5fa Mon Sep 17 00:00:00 2001
From: Florian Fainelli <florian@...nwrt.org>
Date: Mon, 7 Jan 2013 14:26:15 +0100
Subject: [PATCH] sctp: fix typo in default SCTP cookie choice

Commit 0d0863b0 (sctp: Change defaults on cookie hmac selection)
introduced a choice configuration option to select the default SCTP
cookie hashing algorithm, a typo was introduced for the default choice.
This is an issue when running make oldconfig because an explicit choice
number must be entered since no default is available. This patch fixes
the typo, thus providing a valid default choice.

Signed-off-by: Florian Fainelli <florian@...nwrt.org>
---
  net/sctp/Kconfig |    2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/sctp/Kconfig b/net/sctp/Kconfig
index c262106..7521d94 100644
--- a/net/sctp/Kconfig
+++ b/net/sctp/Kconfig
@@ -68,7 +68,7 @@ config SCTP_DBG_OBJCNT
        If unsure, say N
  choice
      prompt "Default SCTP cookie HMAC encoding"
-    default SCTP_COOKIE_HMAC_MD5
+    default SCTP_DEFAULT_COOKIE_HMAC_MD5
      help
        This option sets the default sctp cookie hmac algorithm
        when in doubt select 'md5'
-- 
1.7.10.4


--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ