Date: Wed, 23 Jul 2014 14:42:01 -0700
From: Alexei Starovoitov <ast@...mgrid.com>
To: Kees Cook <keescook@...omium.org>
Cc: "David S. Miller" <davem@...emloft.net>, Ingo Molnar <mingo@...nel.org>, Linus Torvalds <torvalds@...ux-foundation.org>, Andy Lutomirski <luto@...capital.net>, Steven Rostedt <rostedt@...dmis.org>, Daniel Borkmann <dborkman@...hat.com>, Chema Gonzalez <chema@...gle.com>, Eric Dumazet <edumazet@...gle.com>, Peter Zijlstra <a.p.zijlstra@...llo.nl>, Arnaldo Carvalho de Melo <acme@...radead.org>, Jiri Olsa <jolsa@...hat.com>, Thomas Gleixner <tglx@...utronix.de>, "H. Peter Anvin" <hpa@...or.com>, Andrew Morton <akpm@...ux-foundation.org>, Linux API <linux-api@...r.kernel.org>, Network Development <netdev@...r.kernel.org>, LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH RFC v2 net-next 08/16] bpf: add hashtable type of BPF maps

On Wed, Jul 23, 2014 at 1:33 PM, Kees Cook <keescook@...omium.org> wrote:
>>
>>>> + htab->slab_name = kasprintf(GFP_USER, "bpf_htab_%p", htab);
>>>
>>> This leaks a kernel heap memory pointer to userspace. If a unique name
>>> is needed, I think map_id should be used instead.
>>
>> it leaks, how? slabinfo is only available to root.
>> The same code exists in conntrack:
>> net/netfilter/nf_conntrack_core.c:1767
>
> Right, in extreme cases, there are system configurations where leaking
> addresses even to root can be considered a bug. There are a lot of
> these situations in the kernel still, that's true. However, if we can
> at all avoid it, I'd really like to avoid adding new ones. Nearly all
> the cases of using a memory pointer are for uniqueness concerns, but I
> think we can already get that from the map_id.

ok. fair enough.
I think slab name doesn't have to be unique anymore.
It used to be a requirement in older kernels.
If it is ok to reuse now, I'll just use the same for all hash-type maps.
Advice from a slab expert would be great...
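
Review bot: the "bpf_htab_%p" format in the quoted kasprintf() line builds the slab name from the address of htab, so the heap pointer is readable wherever slab names are exposed (slabinfo, as raised in the thread). Suggest a name that does not derive from the pointer: one fixed string shared by all hash-type maps if slab names no longer need to be unique, or a name built from map_id if they do. Only this one line of the hunk is quoted here, so also confirm that the kasprintf() result is checked for NULL before htab->slab_name is used.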