| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 19 Feb 2020 16:32:50 -0800 (PST)
From: David Miller <davem@...emloft.net>
To: rohitm@...lsio.com
Cc: kuba@...nel.org, netdev@...r.kernel.org, borisp@...lanox.com,
aviadye@...lanox.com, john.fastabend@...il.com,
daniel@...earbox.net, manojmalviya@...lsio.com
Subject: Re: [PATCH net v4] net/tls: Fix to avoid gettig invalid tls record
From: Rohit Maheshwari <rohitm@...lsio.com>
Date: Wed, 19 Feb 2020 09:40:22 +0530
> Current code doesn't check if tcp sequence number is starting from (/after)
> 1st record's start sequnce number. It only checks if seq number is before
> 1st record's end sequnce number. This problem will always be a possibility
> in re-transmit case. If a record which belongs to a requested seq number is
> already deleted, tls_get_record will start looking into list and as per the
> check it will look if seq number is before the end seq of 1st record, which
> will always be true and will return 1st record always, it should in fact
> return NULL.
> As part of the fix, start looking each record only if the sequence number
> lies in the list else return NULL.
> There is one more check added, driver look for the start marker record to
> handle tcp packets which are before the tls offload start sequence number,
> hence return 1st record if the record is tls start marker and seq number is
> before the 1st record's starting sequence number.
>
> Fixes: e8f69799810c ("net/tls: Add generic NIC offload infrastructure")
> Signed-off-by: Rohit Maheshwari <rohitm@...lsio.com>
Applied and queued up for -stable.
Powered by blists - more mailing lists