lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 17 Jun 2019 14:01:06 -0700 (PDT)
From:   David Miller <davem@...emloft.net>
To:     ldir@...byshire-bryant.me.uk
Cc:     netdev@...r.kernel.org
Subject: Re: [PATCH net-next 0/2] net: sched: act_ctinfo: fixes

From: Kevin Darbyshire-Bryant <ldir@...byshire-bryant.me.uk>
Date: Mon, 17 Jun 2019 11:03:25 +0100

> This is first attempt at sending a small series.  Order is important
> because one bug (policy validation) prevents us from encountering the
> more important 'OOPS' generating bug in action creation.  Fix the OOPS
> first.
> 
> Confession time: Until very recently, development of this module has
> been done on 'net-next' tree to 'clean compile' level with run-time
> testing on backports to 4.14 & 4.19 kernels under openwrt.  It turns out
> that sched: action: based code has been under more active change than I
> realised.
> 
> During the back & forward porting during development & testing, the
> critical ACT_P_CREATED return code got missed despite being in the 4.14
> & 4.19 backports.  I have now gone through the init functions, using
> act_csum as reference with a fine toothed comb and am happy they do the
> same things.
> 
> This issue hadn't been caught till now due to another issue caused by
> new strict nla_parse_nested function failing parsing validation before
> action creation.
> 
> Thanks to Marcelo Leitner <marcelo.leitner@...il.com> for flagging
> extack deficiency (fixed in 733f0766c3de sched: act_ctinfo: use extack
> error reporting) which led to b424e432e770 ("netlink: add validation of
> NLA_F_NESTED flag") and 8cb081746c03 ("netlink: make validation more
> configurable for future strictness”) which led to the policy validation
> fix, which then led to the action creation fix both contained in this
> series.
> 
> If I ever get to a developer conference please feel free to
> tar/feather/apply cone of shame.

:-)  In kernel networking development we prefer brown paper bags over
cones of shame, just FYI :) :) :)

Series applied, thanks.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ