| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1387190701-1893-2-git-send-email-dborkman@redhat.com>
Date: Mon, 16 Dec 2013 11:45:00 +0100
From: Daniel Borkmann <dborkman@...hat.com>
To: davem@...emloft.net
Cc: netdev@...r.kernel.org
Subject: [PATCH net-next 1/2] bpf_dbg: always close socket in bpf_runnable
We must not leave the socket intact in bpf_runnable(). The socket
is used to test if the filter code is being accepted by the kernel
or not. So right after we do the setsockopt(2), we need to close
it again.
Signed-off-by: Daniel Borkmann <dborkman@...hat.com>
---
tools/net/bpf_dbg.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/net/bpf_dbg.c b/tools/net/bpf_dbg.c
index 0fdcb70..65dc757 100644
--- a/tools/net/bpf_dbg.c
+++ b/tools/net/bpf_dbg.c
@@ -512,11 +512,11 @@ static bool bpf_runnable(struct sock_filter *f, unsigned int len)
return false;
}
ret = setsockopt(sock, SOL_SOCKET, SO_ATTACH_FILTER, &bpf, sizeof(bpf));
+ close(sock);
if (ret < 0) {
rl_printf("program not allowed to run by kernel!\n");
return false;
}
- close(sock);
for (i = 0; i < len; i++) {
if (BPF_CLASS(f[i].code) == BPF_LD &&
f[i].k > SKF_AD_OFF) {
--
1.8.3.1
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists