lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <20140720.212858.425286621403273701.davem@davemloft.net>
Date:	Sun, 20 Jul 2014 21:28:58 -0700 (PDT)
From:	David Miller <davem@...emloft.net>
To:	develop@...stov.de
Cc:	netdev@...r.kernel.org, linux-ppp@...r.kernel.org,
	paulus@...ba.org, isdn@...ux-pingi.de
Subject: Re: [PATCH net v2 1/1] net: ppp: don't call sk_chk_filter twice

From: Christoph Schulz <develop@...stov.de>
Date: Fri, 18 Jul 2014 23:34:50 +0200

> Hello!
> 
> Am 15.07.2014 01:15, schrieb David Miller:
>> From: Christoph Schulz <develop@...stov.de>
>> Date: Mon, 14 Jul 2014 08:01:10 +0200
>> 
>>> From: Christoph Schulz <develop@...stov.de>
>>>
>>> Commit 568f194e8bd16c353ad50f9ab95d98b20578a39d ("net: ppp: use
>>> sk_unattached_filter api") causes sk_chk_filter() to be called twice when
>>> setting a PPP pass or active filter. This applies to both the generic PPP
>>> subsystem implemented by drivers/net/ppp/ppp_generic.c and the ISDN PPP
>>> subsystem implemented by drivers/isdn/i4l/isdn_ppp.c. The first call is from
>>> within get_filter().
>>> [...]
>>> For 3.15.x, this proposed change is a bugfix rather than a pure optimization as
>>> in that branch, sk_chk_filter() may replace filter codes by other codes which
>>> are not recognized when executing sk_chk_filter() a second time. So with
>>> 3.15.x, if sk_chk_filter() is called twice, the second invocation may yield
>>> EINVAL (this depends on the filter codes found in the filter to be set, but
>>> because the replacement is done for frequently used codes, this is almost
>>> always the case). The net effect is that setting pass and/or active PPP filters
>>> does not work anymore, since sk_unattached_filter_create() always returns
>>> EINVAL due to the second call to sk_chk_filter(), regardless whether the filter
>>> was originally sane or not.
>>>
>>> Signed-off-by: Christoph Schulz <develop@...stov.de>
>> 
>> Applied, thank you.
> 
> As the commit message says, this patch is a bugfix for the 3.15.y
> branch. However, I don't see it in the netdev stable-queue. Could you
> please add it to -stable for 3.15.y?

Done.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ