Message-Id: <20160129.193520.477355610549821770.davem@davemloft.net>
Date:	Fri, 29 Jan 2016 19:35:20 -0800 (PST)
From:	David Miller <davem@...emloft.net>
To:	eric.dumazet@...il.com
Cc:	aduyck@...antis.com, netdev@...r.kernel.org,
	alexander.duyck@...il.com, sowmini.varadhan@...cle.com,
	tom@...bertland.com
Subject: Re: [net PATCH] flow_dissector: Fix unaligned access in
 __skb_flow_dissector when used by eth_get_headlen

From: Eric Dumazet <eric.dumazet@...il.com>
Date: Fri, 29 Jan 2016 19:23:54 -0800

> On Fri, 2016-01-29 at 18:49 -0800, Alexander Duyck wrote:
>> This patch fixes an issue with unaligned accesses when using
>> eth_get_headlen on a page that was DMA aligned instead of being IP aligned.
>> The fact is when trying to check the length we don't need to be looking at
>> the flow label so we can reorder the checks to first check if we are
>> supposed to gather the flow label and then make the call to actually get
>> it.
>> 
>> Reported-by: Sowmini Varadhan <sowmini.varadhan@...cle.com>
>> Signed-off-by: Alexander Duyck <aduyck@...antis.com>
>> ---
> 
> 
> You did not quite follow the discussion Alexander, we did not exactly
> take a decision about this bug.
> 
> As we mentioned, there are other parts that need care.
> 
> key_keyid->keyid = *keyid;
> 
> Please address them, instead of having to 'wait' for the next crash.

Indeed, this is a more fundamental issue.

This change in and of itself isn't bad, and is probably a suitable
micro-optimization for net-next, but it doesn't fix the bug in
question.
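
The alignment problem this thread is about, as an added example that is not part of the thread or of the kernel source: with a 14-byte Ethernet header, a frame that starts on a 4-byte boundary (the DMA-aligned case) puts the network header 2 bytes off a 4-byte boundary, so a direct 32-bit pointer dereference there can trap on strict-alignment CPUs, while a byte-wise load is safe at any offset. The function names and the sample frame are assumptions made for illustration, and the byte-wise load is a general technique, not the fix the thread settles on.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added illustration; every function name below is hypothetical. */
#define ETH_HLEN 14                 /* Ethernet header length in bytes */
#define FLOWLABEL_MASK 0x000FFFFFu  /* low 20 bits of the first IPv6 word */

/* Misalignment (mod 4) of the network header when the frame starts
 * `pad` bytes into a 4-byte-aligned buffer: pad 0 models a DMA-aligned
 * page, pad 2 models an IP-aligned one. */
static unsigned hdr_misalign(size_t pad)
{
    return (unsigned)((pad + ETH_HLEN) % 4);
}

/* Alignment-safe big-endian 32-bit load: byte reads work at any address,
 * whereas *(uint32_t *)p is only valid when p is 4-byte aligned. */
static uint32_t get_be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

static uint32_t ipv6_flow_label(const uint8_t *ip6hdr)
{
    return get_be32(ip6hdr) & FLOWLABEL_MASK;
}

/* Constructed frame: zeroed Ethernet header, then the first IPv6 word
 * (version 6, traffic class 0, flow label 0xABCDE). */
static uint32_t demo_flow_label(size_t pad)
{
    static uint32_t backing[16];            /* 4-byte-aligned storage */
    static const uint8_t word0[4] = { 0x60, 0x0A, 0xBC, 0xDE };
    uint8_t *frame = (uint8_t *)backing + pad;
    memset(backing, 0, sizeof(backing));
    memcpy(frame + ETH_HLEN, word0, sizeof(word0));
    return ipv6_flow_label(frame + ETH_HLEN);
}

int main(void)
{
    for (size_t pad = 0; pad <= 2; pad += 2)
        printf("pad=%zu misalign=%u flow_label=0x%05X\n", pad,
               hdr_misalign(pad), (unsigned)demo_flow_label(pad));
    return 0;
}
```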
