lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20150203122432.GV13046@secunet.com>
Date:	Tue, 3 Feb 2015 13:24:32 +0100
From:	Steffen Klassert <steffen.klassert@...unet.com>
To:	Nicolas Dichtel <nicolas.dichtel@...nd.com>
CC:	Fan Du <fan.du@...el.com>, <herbert@...dor.apana.org.au>,
	<davem@...emloft.net>, <netdev@...r.kernel.org>,
	<fengyuleidian0615@...il.com>
Subject: Re: [PATCHv3, ipsec-next] xfrm: Do not parse 32bits compiled xfrm
 netlink msg on 64bits host

On Mon, Feb 02, 2015 at 10:02:50AM +0100, Nicolas Dichtel wrote:
> Le 02/02/2015 09:44, Steffen Klassert a écrit :
> >On Thu, Jan 29, 2015 at 11:29:51AM +0100, Nicolas Dichtel wrote:
> [snip]
> >>
> >>The point I try to make is that patching userland apps allows to use xfrm on a
> >>32bits userland / 64bits kernel.
> >
> >Ugh, I did not know that this is used that way. Which applications do this?
> >So the situation is worse than I thought. What happens to such applications
> >if we add a compat layer in the kernel? I'd guess they will break, right?
> A compat layer will be perfect. I just wanted to highlight the fact that without
> this patch, it's possible to have a workaround to use netlink-xfrm and after it,
> it will be impossible.

You did not answer my question about the applications that do this.
If it is just possible, but there are no actual users, we should
apply this patch as soon as possible to avoid any abuse of this ABI.

I tend to apply this patch unless you can come up with a real world
application that will break if we do so.

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ