| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <526D799C.9050905@gmail.com> Date: Sun, 27 Oct 2013 13:37:48 -0700 From: Alexander Duyck <alexander.duyck@...il.com> To: Jamal Hadi Salim <jhs@...atatu.com> CC: "Eric W. Biederman" <ebiederm@...ssion.com>, David Miller <davem@...emloft.net>, netdev@...r.kernel.org, alexander.h.duyck@...el.com Subject: Re: [PATCH 0/2] net_sched: Remove broken tc actions On 10/27/2013 09:58 AM, Jamal Hadi Salim wrote: > On 10/27/13 09:40, Eric W. Biederman wrote: >> >> While auditing the code to make certain it would be safe to enable the >> user namespace root to use tc actions I stumbled on the strange fact >> that two of the tc modules in the kernel have been broken for more >> years than I care to think about. >> >> In particular neither of these two modules implements the tc_action_ops >> lookup method. Which means that in practice neither RTM_GETACTION nor >> RTM_DELACTION work. And with RTM_DELACTION broken that looks like a >> permanent leak of kernel memory to me. >> >> >> A leak I am not happy at root having and certainly not something I want >> to allow unprivileged users access to. >> >> On the premise that 5+ years is too long to wait for someone to notice, >> complain and get this code fixed let's just remove these broken tc >> modules. >> > > > Nah, dude. > You dont have to implement the get/del. Actions are typically bound > to filters; when the filters disappears the action is destroyed. > You Get the filter, you Get the bound actions. > you can add actions without filters - but in such a case, for both > of these ones you picked, you can dump or flush them unless they are > bound to a filter. Thats the minimal requirement (which is met). > > What is your use case to need explicit get/del? > Given act_simple is pedagogical in nature, I think > that will be useful for illustration purposes. > > cheers, > jamal The primary use case for act_skbedit was to have it associated with a filter. I based it off of act_simple so it isn't surprising that it inherited this issue. >From what I can tell all of the other actions are just using tcf_hash_search for lookup. Is there anything special that is needed in order to add the lookup call, or could we just add a one liner associating simple and skbedit lookup with tcf_hash_search? Thanks, Alex -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists