lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1498215515.24295.12.camel@perches.com>
Date:   Fri, 23 Jun 2017 03:58:35 -0700
From:   Joe Perches <joe@...ches.com>
To:     Dan Carpenter <dan.carpenter@...cle.com>
Cc:     Dave Watson <davejwatson@...com>,
        Aviad Yehezkel <aviadye@...lanox.com>,
        Ilya Lesokhin <ilyal@...lanox.com>,
        "David S. Miller" <davem@...emloft.net>, netdev@...r.kernel.org,
        kernel-janitors@...r.kernel.org
Subject: Re: [PATCH -net] tls: return -EFAULT if copy_to_user() fails

On Fri, 2017-06-23 at 13:36 +0300, Dan Carpenter wrote:
> On Fri, Jun 23, 2017 at 03:31:44AM -0700, Joe Perches wrote:
> > On Fri, 2017-06-23 at 13:15 +0300, Dan Carpenter wrote:
> > > The copy_to_user() function returns the number of bytes remaining but we
> > > want to return -EFAULT here.
> > 
> > because?
> > 
> 
> Rhetorical questions don't work over email.  Are you honestly confused
> by this patch?

There doesn't seem to be a fault here, just a
return of less than the expected number of bytes.

It's non-obvious why -EFAULT is the appropriate
return value.

Why is changing the return value from number of
bytes transferred, even if less than desired,
the right thing to do?  Your commit message
doesn't describe any rationale.

getsockopt says:

For getsockopt(), optlen is a value-result argument, initially containing the size
of the buffer pointed to by optval, and modified on return to indicate the actual
size of the value returned

The generic EFAULT description in getsockopt is:

       EFAULT    The  address  pointed  to by optval is not in a valid part of the
                 process address space.  For getsockopt(), this error may also  be
                 returned  if optlen is not in a valid part of the process address
                 space.

Is tls different?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ