| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 16 Mar 2020 01:46:24 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: ap420073@...il.com
Cc: kuba@...nel.org, netdev@...r.kernel.org
Subject: Re: [PATCH net v2 0/3] hsr: fix several bugs in generic netlink
callback
From: Taehee Yoo <ap420073@...il.com>
Date: Fri, 13 Mar 2020 06:49:52 +0000
> This patchset is to fix several bugs they are related in
> generic netlink callback in hsr module.
>
> 1. The first patch is to add missing rcu_read_lock() in
> hsr_get_node_{list/status}().
> The hsr_get_node_{list/status}() are not protected by RTNL because
> they are callback functions of generic netlink.
> But it calls __dev_get_by_index() without acquiring RTNL.
> So, it would use unsafe data.
>
> 2. The second patch is to avoid failure of hsr_get_node_list().
> hsr_get_node_list() is a callback of generic netlink and
> it is used to get node information in userspace.
> But, if there are so many nodes, it fails because of buffer size.
> So, in this patch, restart routine is added.
>
> 3. The third patch is to set .netnsok flag to true.
> If .netnsok flag is false, non-init_net namespace is not allowed to
> operate generic netlink operations.
> So, currently, non-init_net namespace has no way to get node information
> because .netnsok is false in the current hsr code.
>
> Change log:
> v1->v2:
> - Preserve reverse christmas tree variable ordering in the second patch.
Series applied, thank you.
Powered by blists - more mailing lists