| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 05 Jul 2016 20:47:55 -0700 (PDT) From: David Miller <davem@...emloft.net> To: alexei.starovoitov@...il.com Cc: sargun@...gun.me, netdev@...r.kernel.org, daniel@...earbox.net Subject: Re: Backport bpf: try harder on clones when writing into skb? [Commit: 3697649ff29e0f647565eed04b27a7779c646a22] From: Alexei Starovoitov <alexei.starovoitov@...il.com> Date: Tue, 5 Jul 2016 19:16:51 -0700 > On Tue, Jul 05, 2016 at 08:35:18AM -0700, Sargun Dhillon wrote: >> Does it make sense to backport >> 3697649ff29e0f647565eed04b27a7779c646a22 from 4.6 to the longterm >> (4.4) release? I can trivially recreate the issue represented by >> 3697649ff29e0f647565eed04b27a7779c646a22 by attaching a eBPF filter >> that clones an ingress ICMP packet, and then tries to set the >> destination MAC address. >> >> It seems like the patch applies cleanly to 4.4. I cherry-picked it, >> and rebuilt my kernel, and at least in the trivial test case passes. > > Makes sense to me, especially since it's lts. > Daniel, thoughts? I'll queued this up for 4.4 -stable.
Powered by blists - more mailing lists