lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20141106.162808.1546139916210194279.davem@davemloft.net>
Date:	Thu, 06 Nov 2014 16:28:08 -0500 (EST)
From:	David Miller <davem@...emloft.net>
To:	herbert@...dor.apana.org.au
Cc:	viro@...IV.linux.org.uk, netdev@...r.kernel.org,
	linux-kernel@...r.kernel.org, bcrl@...ck.org, nakam@...ux-ipv6.org,
	yoshfuji@...ux-ipv6.org
Subject: Re: ipv4: Use standard iovec primitive in raw_probe_proto_opt

From: Herbert Xu <herbert@...dor.apana.org.au>
Date: Thu, 6 Nov 2014 14:46:29 +0800

> On Thu, Nov 06, 2014 at 06:43:18AM +0000, Al Viro wrote:
>> On Thu, Nov 06, 2014 at 01:50:23PM +0800, Herbert Xu wrote:
>> > +	/* We only need the first two bytes. */
>> > +	err = memcpy_fromiovecend((void *)&icmph, msg->msg_iov, 0, 2);
>> > +	if (err)
>> > +		return err;
>> > +
>> > +	fl4->fl4_icmp_type = icmph.type;
>> > +	fl4->fl4_icmp_code = icmph.code;
>> 
>> That's more readable, but that exposes another problem in there - we read
>> the same piece of userland data twice, with no promise whatsoever that we'll
>> get the same value both times...
> 
> Sure, but you have to be root anyway to write to raw sockets.
> 
> Patches are welcome :)

I'd agree with this root-only argument maybe 15 years ago, but with
containers and stuff like that we want to prevent root X from messing
up the machine for root Y.

This is a recurring topic, and I'd strongly like to avoid adding new
ways that these kinds of problems can happen.

For example, I'm still on the hook to address the AF_NETLINK mmap TX
code, which has a similarly abusable issue.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ