| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1547878830-22042-1-git-send-email-laoar.shao@gmail.com>
Date: Sat, 19 Jan 2019 14:20:30 +0800
From: Yafang Shao <laoar.shao@...il.com>
To: ast@...nel.org, daniel@...earbox.net
Cc: netdev@...r.kernel.org, shaoyafang@...iglobal.com,
Yafang Shao <laoar.shao@...il.com>
Subject: [PATCH bpf-next] bpf: sock recvbuff must be limited by rmem_max in bpf_setsockopt()
When sock recvbuff is set by bpf_setsockopt(), the value must by limited
by rmem_max.
It is the same with sendbuff.
Signed-off-by: Yafang Shao <laoar.shao@...il.com>
---
net/core/filter.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/net/core/filter.c b/net/core/filter.c
index 447dd1b..f30b58a 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -4111,10 +4111,12 @@ static unsigned long bpf_xdp_copy(void *dst_buff, const void *src_buff,
/* Only some socketops are supported */
switch (optname) {
case SO_RCVBUF:
+ val = min_t(u32, val, sysctl_rmem_max);
sk->sk_userlocks |= SOCK_RCVBUF_LOCK;
sk->sk_rcvbuf = max_t(int, val * 2, SOCK_MIN_RCVBUF);
break;
case SO_SNDBUF:
+ val = min_t(u32, val, sysctl_wmem_max);
sk->sk_userlocks |= SOCK_SNDBUF_LOCK;
sk->sk_sndbuf = max_t(int, val * 2, SOCK_MIN_SNDBUF);
break;
--
1.8.3.1
Powered by blists - more mailing lists