lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Tue, 18 Sep 2018 19:51:50 -0700 (PDT)
From:   David Miller <davem@...hat.com>
To:     johannes@...solutions.net
Cc:     netdev@...r.kernel.org, marcelo.leitner@...il.com,
        mkubecek@...e.cz, johannes.berg@...el.com
Subject: Re: [PATCH v2 2/2] netlink: add ethernet address policy types

From: Johannes Berg <johannes@...solutions.net>
Date: Mon, 17 Sep 2018 11:57:29 +0200

> From: Johannes Berg <johannes.berg@...el.com>
> 
> Commonly, ethernet addresses are just using a policy of
> 	{ .len = ETH_ALEN }
> which leaves userspace free to send more data than it should,
> which may hide bugs.
> 
> Introduce NLA_EXACT_LEN which checks for exact size, rejecting
> the attribute if it's not exactly that length. Also add
> NLA_EXACT_LEN_WARN which requires the minimum length and will
> warn on longer attributes, for backward compatibility.
> 
> Use these to define NLA_POLICY_ETH_ADDR (new strict policy) and
> NLA_POLICY_ETH_ADDR_COMPAT (compatible policy with warning);
> these are used like this:
> 
>     static const struct nla_policy <name>[...] = {
>         [NL_ATTR_NAME] = NLA_POLICY_ETH_ADDR,
>         ...
>     };
> 
> Signed-off-by: Johannes Berg <johannes.berg@...el.com>
> ---
> v2: add only NLA_EXACT_LEN/NLA_EXACT_LEN_WARN and build on top
>     of that for ethernet address validation, so it can be extended
>     for other types (e.g. IPv6 addresses)

Applied.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ