lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 06 Jan 2020 12:51:21 +0900
From:   Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp>
To:     David Ahern <dsahern@...il.com>
Cc:     Casey Schaufler <casey@...aufler-ca.com>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>
Subject: Re: commit b9ef5513c99b breaks ping to ipv6 linklocal addresses on debian
 buster

Hello David,

Thank you for reporting. Will you confirm that this patch fixes your problem?
----------------------------------------
>From 06a61125a79139941cdebee3a24b0b4bed576742 Mon Sep 17 00:00:00 2001
From: Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
Date: Mon, 6 Jan 2020 12:46:49 +0900
Subject: [PATCH] smack: Don't reject IPv6's bind() when socket family is invalid

David Ahern has reported that commit b9ef5513c99bf9c8 ("smack: Check
address length before reading address family") breaks ping program in
Debian Buster because that version of ping program is by error using
AF_UNSPEC instead of AF_INET6 when calling connect().

Since rawv6_bind() will fail with -EINVAL and __inet6_bind() from
inet6_bind() will fail with -EAFNOSUPPORT if sin6_family != AF_INET6,
smack_socket_bind() can return 0 rather than -EINVAL.

Reported-by: David Ahern <dsahern@...il.com>
Bisected-by: David Ahern <dsahern@...il.com>
Fixes: b9ef5513c99bf9c8 ("smack: Check address length before reading address family")
Signed-off-by: Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
Cc: stable@...r.kernel.org
---
 security/smack/smack_lsm.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index ecea41ce919b..5b2177724d5e 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -2810,7 +2810,7 @@ static int smack_socket_bind(struct socket *sock, struct sockaddr *address,
 	if (sock->sk != NULL && sock->sk->sk_family == PF_INET6) {
 		if (addrlen < SIN6_LEN_RFC2133 ||
 		    address->sa_family != AF_INET6)
-			return -EINVAL;
+			return 0;
 		smk_ipv6_port_label(sock, address);
 	}
 	return 0;
-- 
2.16.6

Powered by blists - more mailing lists