lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 20 Nov 2018 22:12:12 -0700
From:   David Ahern <dsahern@...il.com>
To:     nicolas.dichtel@...nd.com, Joe Stringer <joe@...d.net.nz>
Cc:     netdev <netdev@...r.kernel.org>, daniel@...earbox.net
Subject: Re: netns_id in bpf_sk_lookup_{tcp,udp}

On 11/20/18 2:05 AM, Nicolas Dichtel wrote:
> Le 20/11/2018 à 00:46, David Ahern a écrit :
> [snip]
>> That revelation shows another hole:
>> $ ip netns add foo
>> $ ip netns set foo 0xffffffff
> It also works with 0xf0000000 ...
> 
>> $ ip netns list
>> foo (id: 0)
>>
>> Seems like alloc_netid() should error out if reqid < -1 (-1 being the
>> NETNSA_NSID_NOT_ASSIGNED flag) as opposed to blindly ignoring it.
> alloc_netid() tries to allocate the specified nsid if this nsid is valid, ie >=
> 0, else it allocates a new nsid (actually the lower available).
> This is the expected behavior.
> 
> For me, it's more an iproute2 problem, which parses an unsigned and silently
> cast it to a signed value.
> 
> -----8<--------------------
> 
> From 79bac98bfd0acbf2526a3427d5aba96564844209 Mon Sep 17 00:00:00 2001
> From: Nicolas Dichtel <nicolas.dichtel@...nd.com>
> Date: Tue, 20 Nov 2018 09:59:46 +0100
> Subject: ipnetns: parse nsid as a signed integer
> 
> Don't confuse the user, nsid is a signed interger, this kind of command
> should return an error: 'ip netns set foo 0xffffffff'.
> 
> Signed-off-by: Nicolas Dichtel <nicolas.dichtel@...nd.com>
> ---
>  ip/ipnetns.c | 5 ++---
>  1 file changed, 2 insertions(+), 3 deletions(-)
> 
> diff --git a/ip/ipnetns.c b/ip/ipnetns.c
> index 0eac18cf2682..54346ac987cf 100644
> --- a/ip/ipnetns.c
> +++ b/ip/ipnetns.c
> @@ -739,8 +739,7 @@ static int netns_set(int argc, char **argv)
>  {
>  	char netns_path[PATH_MAX];
>  	const char *name;
> -	unsigned int nsid;
> -	int netns;
> +	int netns, nsid;
> 
>  	if (argc < 1) {
>  		fprintf(stderr, "No netns name specified\n");
> @@ -754,7 +753,7 @@ static int netns_set(int argc, char **argv)
>  	/* If a negative nsid is specified the kernel will select the nsid. */
>  	if (strcmp(argv[1], "auto") == 0)
>  		nsid = -1;
> -	else if (get_unsigned(&nsid, argv[1], 0))
> +	else if (get_integer(&nsid, argv[1], 0))
>  		invarg("Invalid \"netnsid\" value\n", argv[1]);
> 
>  	snprintf(netns_path, sizeof(netns_path), "%s/%s", NETNS_RUN_DIR, name);
> 

Nicolas: Can you send this formally and cc Stephen so it goes into the
master branch? Thanks

Powered by blists - more mailing lists