| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 20 Nov 2018 10:05:11 +0100
From: Nicolas Dichtel <nicolas.dichtel@...nd.com>
To: David Ahern <dsahern@...il.com>, Joe Stringer <joe@...d.net.nz>
Cc: netdev <netdev@...r.kernel.org>, daniel@...earbox.net
Subject: Re: netns_id in bpf_sk_lookup_{tcp,udp}
Le 20/11/2018 à 00:46, David Ahern a écrit :
[snip]
> That revelation shows another hole:
> $ ip netns add foo
> $ ip netns set foo 0xffffffff
It also works with 0xf0000000 ...
> $ ip netns list
> foo (id: 0)
>
> Seems like alloc_netid() should error out if reqid < -1 (-1 being the
> NETNSA_NSID_NOT_ASSIGNED flag) as opposed to blindly ignoring it.
alloc_netid() tries to allocate the specified nsid if this nsid is valid, ie >=
0, else it allocates a new nsid (actually the lower available).
This is the expected behavior.
For me, it's more an iproute2 problem, which parses an unsigned and silently
cast it to a signed value.
-----8<--------------------
>From 79bac98bfd0acbf2526a3427d5aba96564844209 Mon Sep 17 00:00:00 2001
From: Nicolas Dichtel <nicolas.dichtel@...nd.com>
Date: Tue, 20 Nov 2018 09:59:46 +0100
Subject: ipnetns: parse nsid as a signed integer
Don't confuse the user, nsid is a signed interger, this kind of command
should return an error: 'ip netns set foo 0xffffffff'.
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@...nd.com>
---
ip/ipnetns.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/ip/ipnetns.c b/ip/ipnetns.c
index 0eac18cf2682..54346ac987cf 100644
--- a/ip/ipnetns.c
+++ b/ip/ipnetns.c
@@ -739,8 +739,7 @@ static int netns_set(int argc, char **argv)
{
char netns_path[PATH_MAX];
const char *name;
- unsigned int nsid;
- int netns;
+ int netns, nsid;
if (argc < 1) {
fprintf(stderr, "No netns name specified\n");
@@ -754,7 +753,7 @@ static int netns_set(int argc, char **argv)
/* If a negative nsid is specified the kernel will select the nsid. */
if (strcmp(argv[1], "auto") == 0)
nsid = -1;
- else if (get_unsigned(&nsid, argv[1], 0))
+ else if (get_integer(&nsid, argv[1], 0))
invarg("Invalid \"netnsid\" value\n", argv[1]);
snprintf(netns_path, sizeof(netns_path), "%s/%s", NETNS_RUN_DIR, name);
--
2.13.2
Powered by blists - more mailing lists