| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20180122.104730.362327971778717733.davem@davemloft.net>
Date: Mon, 22 Jan 2018 10:47:30 -0500 (EST)
From: David Miller <davem@...emloft.net>
To: leon@...nel.org
Cc: keescook@...omium.org, santosh.shilimkar@...cle.com,
honli@...hat.com, linux-kernel@...r.kernel.org,
sowmini.varadhan@...cle.com, sbeattie@...ntu.com,
apw@...onical.com, fenlason@...hat.com, netdev@...r.kernel.org,
linux-rdma@...r.kernel.org, rds-devel@....oracle.com
Subject: Re: [PATCH] RDS: Fix rds-ping inducing kernel panic
From: Leon Romanovsky <leon@...nel.org>
Date: Mon, 22 Jan 2018 17:10:54 +0200
> On Mon, Jan 22, 2018 at 03:24:15AM -0800, Kees Cook wrote:
>> diff --git a/net/rds/ib_send.c b/net/rds/ib_send.c
>> index 8557a1cae041..5fbf635d17cb 100644
>> --- a/net/rds/ib_send.c
>> +++ b/net/rds/ib_send.c
>> @@ -506,7 +506,7 @@ int rds_ib_xmit(struct rds_connection *conn, struct rds_message *rm,
>> int flow_controlled = 0;
>> int nr_sig = 0;
>>
>> - BUG_ON(off % RDS_FRAG_SIZE);
>> + BUG_ON(!conn->c_loopback && off % RDS_FRAG_SIZE);
>> BUG_ON(hdr_off != 0 && hdr_off != sizeof(struct rds_header));
>
> To be honest this function full of BUG_ONs and it looks fishy to have them there.
> Why don't we return EINVAL instead of crashing system?
I completely agree that these assertions should just cause an error-out
rather than trigger a BUG().
Powered by blists - more mailing lists