[<prev] [next>] [day] [month] [year] [list]
Message-ID: <alpine.LRH.2.02.1402060341090.31200@file01.intranet.prod.int.rdu2.redhat.com>
Date: Thu, 6 Feb 2014 04:18:42 -0500 (EST)
From: Mikulas Patocka <mpatocka@...hat.com>
To: Michael Cree <mcree@...on.net.nz>,
"David S. Miller" <davem@...emloft.net>, netdev@...r.kernel.org
cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
linux-kernel@...r.kernel.org, stable@...r.kernel.org,
Matt Turner <mattst88@...il.com>
Subject: Re: [PATCH 3.12 117/133] alpha: fix broken network checksum
On Thu, 6 Feb 2014, Michael Cree wrote:
> On Tue, Feb 04, 2014 at 01:08:38PM -0800, Greg Kroah-Hartman wrote:
> > 3.12-stable review patch. If anyone has any objections, please let me know.
> >
> > ------------------
> >
> > From: Mikulas Patocka <mpatocka@...hat.com>
> >
> > commit 0ef38d70d4118b2ce1a538d14357be5ff9dc2bbd upstream.
> >
> > The patch 3ddc5b46a8e90f3c9251338b60191d0a804b0d92 breaks networking on
> > alpha (there is a follow-up fix 5cfe8f1ba5eebe6f4b6e5858cdb1a5be4f3272a6,
> > but networking is still broken even with the second patch).
>
> I wonder whether that follow-up (partial) fix mentioned
> (5cfe8f1ba5eebe6f4b6e5858cdb1a5be4f3272a6) should be pulled into 3.12 stable
> too?
>
> Cheers
> Michael.
Hi
It is quite confusing - csum_partial_copy_from_user is only called from
csum_and_copy_from_user in include/net/checksum.h.
csum_and_copy_from_user already verifies the source memory range with
access_ok. Despite this, people started to add access_ok to many
architecture-specific versions of csum_partial_copy_from_user (for example
3ddc5b46a8e90f3c9251338b60191d0a804b0d92).
It seems that the best thing is to revert
0ef38d70d4118b2ce1a538d14357be5ff9dc2bbd,
5cfe8f1ba5eebe6f4b6e5858cdb1a5be4f3272a6 and csum_partial_copy_from_user
change from 3ddc5b46a8e90f3c9251338b60191d0a804b0d92.
David, you are maintainer of networking - does it have any deeper sense to
perform access_ok in csum_partial_copy_from_user if the caller performs
this check already? Should this be just removed?
Also - the x86 and alpha implementation of csum_and_copy_from_user zero
the destination buffer on userspace-access error - but
csum_and_copy_from_user (that calls these function) doesn't zero the
destination buffer on error. Should the destination buffer be zeroed on
error or not?
Mikulas
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists