lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 13 Mar 2020 15:44:51 +0900 From: Taehee Yoo <ap420073@...il.com> To: David Miller <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>, Netdev <netdev@...r.kernel.org> Subject: Re: [PATCH net 0/3] hsr: fix several bugs in generic netlink callback On Fri, 13 Mar 2020 at 11:05, Taehee Yoo <ap420073@...il.com> wrote: > > This patchset is to fix several bugs they are related in > generic netlink callback in hsr module. > > 1. The first patch is to add missing rcu_read_lock() in > hsr_get_node_{list/status}(). > The hsr_get_node_{list/status}() are not protected by RTNL because > they are callback functions of generic netlink. > But it calls __dev_get_by_index() without acquiring RTNL. > So, it would use unsafe data. > > 2. The second patch is to avoid failure of hsr_get_node_list(). > hsr_get_node_list() is a callback of generic netlink and > it is used to get node information in userspace. > But, if there are so many nodes, it fails because of buffer size. > So, in this patch, restart routine is added. > > 3. The third patch is to set .netnsok flag to true. > If .netnsok flag is false, non-init_net namespace is not allowed to > operate generic netlink operations. > So, currently, non-init_net namespace has no way to get node information > because .netnsok is false in the current hsr code. > I found that the second patch doesn't preserve reverse christmas tree variable ordering. So, I will send a v2 patch. > Taehee Yoo (3): > hsr: use rcu_read_lock() in hsr_get_node_{list/status}() > hsr: add restart routine into hsr_get_node_list() > hsr: set .netnsok flag > > net/hsr/hsr_framereg.c | 9 ++----- > net/hsr/hsr_netlink.c | 61 +++++++++++++++++++++++++++--------------- > 2 files changed, 41 insertions(+), 29 deletions(-) > > -- > 2.17.1 >
Powered by blists - more mailing lists