lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <bb111622-1a5c-2a8b-f526-c94f7b77d454@intel.com>
Date:   Mon, 2 Oct 2017 08:57:06 -0700
From:   Jesus Sanchez-Palencia <jesus.sanchez-palencia@...el.com>
To:     Cong Wang <xiyou.wangcong@...il.com>,
        Vinicius Costa Gomes <vinicius.gomes@...el.com>
Cc:     Linux Kernel Network Developers <netdev@...r.kernel.org>,
        intel-wired-lan <intel-wired-lan@...ts.osuosl.org>,
        Jamal Hadi Salim <jhs@...atatu.com>,
        Jiri Pirko <jiri@...nulli.us>, andre.guedes@...el.com,
        Ivan Briano <ivan.briano@...el.com>, boon.leong.ong@...el.com,
        richardcochran@...il.com, Henrik Austad <henrik@...tad.us>,
        levipearson@...il.com, rodney.cummings@...com
Subject: Re: [next-queue PATCH v2 2/5] net/sched: Fix accessing invalid
 dev_queue

Hi,

On 09/30/2017 05:22 PM, Cong Wang wrote:
> On Fri, Sep 29, 2017 at 5:26 PM, Vinicius Costa Gomes
> <vinicius.gomes@...el.com> wrote:
>> From: Jesus Sanchez-Palencia <jesus.sanchez-palencia@...el.com>
>>
>> In qdisc_alloc() the dev_queue pointer was used without any checks being
>> performed. If qdisc_create() gets a null dev_queue pointer, it just
>> passes it along to qdisc_alloc(), leading to a crash. That happens if a
>> root qdisc implements select_queue() and returns a null dev_queue
>> pointer for an "invalid handle", for example.
> 
> Does it make sense to let mqprio_select_queue() always return
> non-NULL?
> 
> At least mq_select_queue() returns queue #0 as a fallback.

I had seen that, but my understanding was that for mqprio the inner qdiscs are
always related to one of the Tx netdev_queue per design. Returning any other
queue as a fallback seemed like going against that to me.

I'd rather keep this function as the patch is proposing, thus either returning
the correct netdev_queue for a given handle, or NULL as a way to flag that
something was 'wrong' with it. Returning queue #0 is misleading in that sense, imo.

What do you think?

Regards,
Jesus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ