lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 20 Nov 2018 22:12:12 -0700 From: David Ahern <dsahern@...il.com> To: nicolas.dichtel@...nd.com, Joe Stringer <joe@...d.net.nz> Cc: netdev <netdev@...r.kernel.org>, daniel@...earbox.net Subject: Re: netns_id in bpf_sk_lookup_{tcp,udp} On 11/20/18 2:05 AM, Nicolas Dichtel wrote: > Le 20/11/2018 à 00:46, David Ahern a écrit : > [snip] >> That revelation shows another hole: >> $ ip netns add foo >> $ ip netns set foo 0xffffffff > It also works with 0xf0000000 ... > >> $ ip netns list >> foo (id: 0) >> >> Seems like alloc_netid() should error out if reqid < -1 (-1 being the >> NETNSA_NSID_NOT_ASSIGNED flag) as opposed to blindly ignoring it. > alloc_netid() tries to allocate the specified nsid if this nsid is valid, ie >= > 0, else it allocates a new nsid (actually the lower available). > This is the expected behavior. > > For me, it's more an iproute2 problem, which parses an unsigned and silently > cast it to a signed value. > > -----8<-------------------- > > From 79bac98bfd0acbf2526a3427d5aba96564844209 Mon Sep 17 00:00:00 2001 > From: Nicolas Dichtel <nicolas.dichtel@...nd.com> > Date: Tue, 20 Nov 2018 09:59:46 +0100 > Subject: ipnetns: parse nsid as a signed integer > > Don't confuse the user, nsid is a signed interger, this kind of command > should return an error: 'ip netns set foo 0xffffffff'. > > Signed-off-by: Nicolas Dichtel <nicolas.dichtel@...nd.com> > --- > ip/ipnetns.c | 5 ++--- > 1 file changed, 2 insertions(+), 3 deletions(-) > > diff --git a/ip/ipnetns.c b/ip/ipnetns.c > index 0eac18cf2682..54346ac987cf 100644 > --- a/ip/ipnetns.c > +++ b/ip/ipnetns.c > @@ -739,8 +739,7 @@ static int netns_set(int argc, char **argv) > { > char netns_path[PATH_MAX]; > const char *name; > - unsigned int nsid; > - int netns; > + int netns, nsid; > > if (argc < 1) { > fprintf(stderr, "No netns name specified\n"); > @@ -754,7 +753,7 @@ static int netns_set(int argc, char **argv) > /* If a negative nsid is specified the kernel will select the nsid. */ > if (strcmp(argv[1], "auto") == 0) > nsid = -1; > - else if (get_unsigned(&nsid, argv[1], 0)) > + else if (get_integer(&nsid, argv[1], 0)) > invarg("Invalid \"netnsid\" value\n", argv[1]); > > snprintf(netns_path, sizeof(netns_path), "%s/%s", NETNS_RUN_DIR, name); > Nicolas: Can you send this formally and cc Stephen so it goes into the master branch? Thanks
Powered by blists - more mailing lists