lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <309B89C4C689E141A5FF6A0C5FB2118B9714C84E@ORSMSX103.amr.corp.intel.com>
Date:   Fri, 11 Oct 2019 01:03:04 +0000
From:   "Brown, Aaron F" <aaron.f.brown@...el.com>
To:     "Keller, Jacob E" <jacob.e.keller@...el.com>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>
CC:     Intel Wired LAN <intel-wired-lan@...ts.osuosl.org>,
        "Kirsher, Jeffrey T" <jeffrey.t.kirsher@...el.com>,
        "Keller, Jacob E" <jacob.e.keller@...el.com>,
        Richard Cochran <richardcochran@...il.com>,
        Felipe Balbi <felipe.balbi@...ux.intel.com>,
        "David S . Miller" <davem@...emloft.net>,
        "Hall, Christopher S" <christopher.s.hall@...el.com>
Subject: RE: [net-next v3 1/7] ptp: correctly disable flags on old ioctls

> From: netdev-owner@...r.kernel.org [mailto:netdev-owner@...r.kernel.org]
> On Behalf Of Jacob Keller
> Sent: Thursday, September 26, 2019 11:11 AM
> To: netdev@...r.kernel.org
> Cc: Intel Wired LAN <intel-wired-lan@...ts.osuosl.org>; Kirsher, Jeffrey T
> <jeffrey.t.kirsher@...el.com>; Keller, Jacob E <jacob.e.keller@...el.com>;
> Richard Cochran <richardcochran@...il.com>; Felipe Balbi
> <felipe.balbi@...ux.intel.com>; David S . Miller <davem@...emloft.net>; Hall,
> Christopher S <christopher.s.hall@...el.com>
> Subject: [net-next v3 1/7] ptp: correctly disable flags on old ioctls
> 
> Commit 415606588c61 ("PTP: introduce new versions of IOCTLs",
> 2019-09-13) introduced new versions of the PTP ioctls which actually
> validate that the flags are acceptable values.
> 
> As part of this, it cleared the flags value using a bitwise
> and+negation, in an attempt to prevent the old ioctl from accidentally
> enabling new features.
> 
> This is incorrect for a couple of reasons. First, it results in
> accidentally preventing previously working flags on the request ioctl.
> By clearing the "valid" flags, we now no longer allow setting the
> enable, rising edge, or falling edge flags.
> 
> Second, if we add new additional flags in the future, they must not be
> set by the old ioctl. (Since the flag wasn't checked before, we could
> potentially break userspace programs which sent garbage flag data.
> 
> The correct way to resolve this is to check for and clear all but the
> originally valid flags.
> 
> Create defines indicating which flags are correctly checked and
> interpreted by the original ioctls. Use these to clear any bits which
> will not be correctly interpreted by the original ioctls.
> 
> In the future, new flags must be added to the VALID_FLAGS macros, but
> *not* to the V1_VALID_FLAGS macros. In this way, new features may be
> exposed over the v2 ioctls, but without breaking previous userspace
> which happened to not clear the flags value properly. The old ioctl will
> continue to behave the same way, while the new ioctl gains the benefit
> of using the flags fields.
> 
> Cc: Richard Cochran <richardcochran@...il.com>
> Cc: Felipe Balbi <felipe.balbi@...ux.intel.com>
> Cc: David S. Miller <davem@...emloft.net>
> Cc: Christopher Hall <christopher.s.hall@...el.com>
> Signed-off-by: Jacob Keller <jacob.e.keller@...el.com>
> ---
>  drivers/ptp/ptp_chardev.c      |  4 ++--
>  include/uapi/linux/ptp_clock.h | 22 ++++++++++++++++++++++
>  2 files changed, 24 insertions(+), 2 deletions(-)

Tested-by: Aaron Brown <aaron.f.brown@...el.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ