| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 28 Jun 2019 11:03:40 -0700
From: Cong Wang <xiyou.wangcong@...il.com>
To: netdev@...r.kernel.org
Cc: dcaratti@...hat.com, chrism@...lanox.com, willy@...radead.org,
Cong Wang <xiyou.wangcong@...il.com>
Subject: [Patch net 0/3] idr: fix overflow cases on 32-bit CPU
idr_get_next_ul() is problematic by design, it can't handle
the following overflow case well on 32-bit CPU:
u32 id = UINT_MAX;
idr_alloc_u32(&id);
while (idr_get_next_ul(&id) != NULL)
id++;
when 'id' overflows and becomes 0 after UINT_MAX, the loop
goes infinite.
Fix this by eliminating external users of idr_get_next_ul()
and migrating them to idr_for_each_entry_continue_ul(). And
add an additional parameter for these iteration macros to detect
overflow properly.
Please merge this through networking tree, as all the users
are in networking subsystem.
Cong Wang (2):
idr: fix overflow case for idr_for_each_entry_ul()
idr: introduce idr_for_each_entry_continue_ul()
Davide Caratti (1):
selftests: add a test case for cls_lower handle overflow
---
.../ethernet/mellanox/mlx5/core/fs_counters.c | 10 ++++---
include/linux/idr.h | 21 +++++++++++++--
net/sched/act_api.c | 9 ++++---
net/sched/cls_flower.c | 27 +++++--------------
.../tc-testing/tc-tests/filters/tests.json | 19 +++++++++++++
5 files changed, 57 insertions(+), 29 deletions(-)
--
2.21.0
Powered by blists - more mailing lists