lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:	Thu, 3 Dec 2015 23:09:58 +0200
From:	Andrew <nitr0@...i.kr.ua>
To:	Guillaume Nault <g.nault@...halink.fr>
Cc:	Alexander Duyck <alexander.duyck@...il.com>,
	netdev@...r.kernel.org, Simon Farnsworth <simon@...nz.org.uk>
Subject: Re: Kernel 4.1.12 crash

Hi.

Thanks, I'll rebuild kernel with your patch "pppoe: fix memory 
corruption in padt work structure", tryto check it in test env, and try 
to update PPPoE servers.

03.12.2015 17:35, Guillaume Nault wrote:
> On Wed, Dec 02, 2015 at 06:23:35PM +0100, Guillaume Nault wrote:
>> You can try the following. It's not yet a proper fix as there are still
>> a few things that bug me in pppoe_connect().
>>
>> ---
>> diff --git a/drivers/net/ppp/pppoe.c b/drivers/net/ppp/pppoe.c
>> index 5e0b432..865b74d 100644
>> --- a/drivers/net/ppp/pppoe.c
>> +++ b/drivers/net/ppp/pppoe.c
>> @@ -568,6 +568,9 @@ static int pppoe_create(struct net *net, struct socket *sock, int kern)
>>   	sk->sk_family		= PF_PPPOX;
>>   	sk->sk_protocol		= PX_PROTO_OE;
>>   
>> +	INIT_WORK(&pppox_sk(sk)->proto.pppoe.padt_work,
>> +		  pppoe_unbind_sock_work);
>> +
>>   	return 0;
>>   }
>>   
>> @@ -632,8 +635,6 @@ static int pppoe_connect(struct socket *sock, struct sockaddr *uservaddr,
>>   
>>   	lock_sock(sk);
>>   
>> -	INIT_WORK(&po->proto.pppoe.padt_work, pppoe_unbind_sock_work);
>> -
>>   	error = -EINVAL;
>>   	if (sp->sa_protocol != PX_PROTO_OE)
>>   		goto end;
>> @@ -663,8 +664,6 @@ static int pppoe_connect(struct socket *sock, struct sockaddr *uservaddr,
>>   			po->pppoe_dev = NULL;
>>   		}
>>   
>> -		memset(sk_pppox(po) + 1, 0,
>> -		       sizeof(struct pppox_sock) - sizeof(struct sock));
>>   		sk->sk_state = PPPOX_NONE;
>>   	}
>>   
> Finally, I'm going to send something similar to -net and keep the rest
> of pppoe_connect() modifications for net-next. This will ease
> backporting to -stable.

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists