| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 4 Feb 2018 13:11:02 +0100
From: Christian Brauner <christian.brauner@...onical.com>
To: Stephen Hemminger <stephen@...workplumber.org>
Cc: Christian Brauner <christian.brauner@...ntu.com>,
netdev@...r.kernel.org, ebiederm@...ssion.com, jbenc@...hat.com,
nicolas.dichtel@...nd.com, linux-kernel@...r.kernel.org,
dsahern@...il.com, davem@...emloft.net
Subject: Re: [PATCH net 1/1 v1] rtnetlink: require unique netns identifier
On Sat, Feb 03, 2018 at 11:17:01AM -0800, Stephen Hemminger wrote:
> On Sat, 3 Feb 2018 14:29:04 +0100
> Christian Brauner <christian.brauner@...ntu.com> wrote:
>
> > +static int rtnl_ensure_unique_netns_attr(const struct sock *sk,
> > + struct nlattr *tb[],
> > + struct netlink_ext_ack *extack)
> > +{
> > + int ret = -EINVAL;
> > + struct net *net = NULL, *unique_net = NULL;
> > +
> > + /* Requests without network namespace ids have been able to specify
> > + * multiple properties referring to different network namespaces so
> > + * don't regress them.
> > + */
> > + if (!tb[IFLA_IF_NETNSID])
> > + return 0;
> > +
> > + if (!tb[IFLA_NET_NS_PID] && !tb[IFLA_NET_NS_FD])
> > + return 0;
>
> Isn't this an error?
My reasoning was that having no explicit network namespace identifying
attributes the caller operates on the current network namespace which is
uniquely identified.
>
> > +
> > + unique_net = get_net_ns_by_id(sock_net(sk), nla_get_s32(tb[IFLA_IF_NETNSID]));
> > + if (!unique_net)
> > + return -1;
>
> Other paths are returning errno, so why -1 here?
Yes, this should be -EINVAL as well.
Thanks!
Christian
Powered by blists - more mailing lists