lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <20140414.164753.1675305498861641361.davem@davemloft.net>
Date:	Mon, 14 Apr 2014 16:47:53 -0400 (EDT)
From:	David Miller <davem@...emloft.net>
To:	dborkman@...hat.com
Cc:	netdev@...r.kernel.org, ast@...mgrid.com, xemul@...allels.com
Subject: Re: [PATCH net] net: filter: seccomp: fix wrong decoding of
 BPF_S_ANC_SECCOMP_LD_W

From: Daniel Borkmann <dborkman@...hat.com>
Date: Mon, 14 Apr 2014 21:20:12 +0200

> While reviewing seccomp code, we found that BPF_S_ANC_SECCOMP_LD_W has
> been wrongly decoded by commit a8fc927780 ("sk-filter: Add ability to
> get socket filter program (v2)") into the opcode BPF_LD|BPF_B|BPF_ABS
> although it should have been decoded as BPF_LD|BPF_W|BPF_ABS.
> 
> In practice, this should not have much side-effect though, as such
> conversion is/was being done through prctl(2) PR_SET_SECCOMP. Reverse
> operation PR_GET_SECCOMP will only return the current seccomp mode, but
> not the filter itself. Since the transition to the new BPF infrastructure,
> it's also not used anymore, so we can simply remove this as it's
> unreachable.
> 
> Fixes: a8fc927780 ("sk-filter: Add ability to get socket filter program (v2)")
> Signed-off-by: Daniel Borkmann <dborkman@...hat.com>
> Signed-off-by: Alexei Starovoitov <ast@...mgrid.com>

Applied.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ