| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CALMXkpaob+3nuS5AhST54hz9keW=_SrZopf4ZfzSZY5dc=-HBA@mail.gmail.com>
Date: Thu, 29 Nov 2018 16:00:42 -0800
From: Christoph Paasch <christoph.paasch@...il.com>
To: David Miller <davem@...emloft.net>
Cc: Eric Dumazet <eric.dumazet@...il.com>,
Christoph Paasch <cpaasch@...le.com>,
netdev <netdev@...r.kernel.org>, bhole_prashant_q7@....ntt.co.jp,
tyhicks@...onical.com
Subject: Re: [PATCH net] net: Prevent invalid access to skb->prev in __qdisc_drop_all
On Thu, Nov 29, 2018 at 3:54 PM David Miller <davem@...emloft.net> wrote:
>
> From: Eric Dumazet <eric.dumazet@...il.com>
> Date: Thu, 29 Nov 2018 15:09:18 -0800
>
> > diff --git a/net/sched/sch_netem.c b/net/sched/sch_netem.c
> > index 2c38e3d0792468162ee0dc4137f1400160ab9276..22cd46a600576f286803536d45875cd9d537cdca 100644
> > --- a/net/sched/sch_netem.c
> > +++ b/net/sched/sch_netem.c
> > @@ -431,6 +431,9 @@ static int netem_enqueue(struct sk_buff *skb, struct Qdisc *sch,
> > int count = 1;
> > int rc = NET_XMIT_SUCCESS;
> >
> > + /* Do not fool qdisc_drop_all() */
> > + skb->prev = NULL;
> > +
> > /* Random duplication */
> > if (q->duplicate && q->duplicate >= get_crandom(&q->dup_cor))
> > ++count;
>
> If this works I definitely prefer it to making the entire stack pay the
> price to fix this crash.
Yes, I tried it out and it works.
Christoph
Powered by blists - more mailing lists