| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20180918025837.GA3548@nautica>
Date: Tue, 18 Sep 2018 04:58:37 +0200
From: Dominique Martinet <asmadeus@...ewreck.org>
To: David Miller <davem@...emloft.net>
Cc: doronrk@...com, tom@...ntonium.net, davejwatson@...com,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] kcm: remove any offset before parsing messages
David Miller wrote on Mon, Sep 17, 2018:
> > No, they can see it, so it's possible to make a KCM program that works
> > right now if you are careful (I'm not sure why the offset within bpf is
> > different from the offset in the kernel though, it looks like the bpf
> > program skips the qos part of the control buffer)
>
> What helper is used in the BPF program to get this offset value?
>
> (also good info to add to the commit message)
Dave defined one himself ; for a simple protocol where the offset is in
the first four bytes of the message.
The whole bpf program could look like this:
------
struct kcm_rx_msg { int full_len; int offset; };
static inline struct kcm_rx_msg *kcm_rx_msg(struct __sk_buff *skb) {
return (struct kcm_rx_msg *)skb->cb;
}
int decode_framing(struct __sk_buff *skb) {
return load_word(skb, kcm_rx_msg(skb)->offset);
}
------
If we go towards documenting it, adding a helper would be useful yes;
buf if we pull that becomes unnecessary.
(I'll add the example program in the commit message anyway at your
suggestion)
--
Dominique Martinet
Powered by blists - more mailing lists