| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 8 Oct 2019 18:05:36 -0700
From: Jakub Kicinski <jakub.kicinski@...ronome.com>
To: Jiri Pirko <jiri@...nulli.us>
Cc: netdev@...r.kernel.org, davem@...emloft.net, alex.aring@...il.com,
stefan@...enfreihafen.org, jon.maloy@...csson.com,
ying.xue@...driver.com, johannes.berg@...el.com, mkubecek@...e.cz,
yuehaibing@...wei.com, mlxsw@...lanox.com
Subject: Re: [patch net-next] net: genetlink: always allocate separate attrs
for dumpit ops,
On Tue, 8 Oct 2019 12:31:43 +0200, Jiri Pirko wrote:
> From: Jiri Pirko <jiri@...lanox.com>
>
> Individual dumpit ops (start, dumpit, done) are locked by genl_lock
> for if !family->parallel_ops. However, multiple
> genl_family_rcv_msg_dumpit() calls may in in flight in parallel.
> Each has a separate struct genl_dumpit_info allocated
> but they share the same family->attrbuf. Fix this by allocating separate
> memory for attrs for dumpit ops, for non-parallel_ops (for parallel_ops
> it is done already).
>
> Reported-by: syzbot+495688b736534bb6c6ad@...kaller.appspotmail.com
> Reported-by: syzbot+ff59dc711f2cff879a05@...kaller.appspotmail.com
> Reported-by: syzbot+dbe02e13bcce52bcf182@...kaller.appspotmail.com
> Reported-by: syzbot+9cb7edb2906ea1e83006@...kaller.appspotmail.com
> Fixes: bf813b0afeae ("net: genetlink: parse attrs and store in contect info struct during dumpit")
> Signed-off-by: Jiri Pirko <jiri@...lanox.com>
Dropped the comma at the end of the subject and s/for if/if/,
and applied :) Thanks!
Powered by blists - more mailing lists