lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Mon, 16 Mar 2020 01:46:24 -0700 (PDT)
From:   David Miller <davem@...emloft.net>
To:     ap420073@...il.com
Cc:     kuba@...nel.org, netdev@...r.kernel.org
Subject: Re: [PATCH net v2 0/3] hsr: fix several bugs in generic netlink
 callback

From: Taehee Yoo <ap420073@...il.com>
Date: Fri, 13 Mar 2020 06:49:52 +0000

> This patchset is to fix several bugs they are related in
> generic netlink callback in hsr module.
> 
> 1. The first patch is to add missing rcu_read_lock() in
> hsr_get_node_{list/status}().
> The hsr_get_node_{list/status}() are not protected by RTNL because
> they are callback functions of generic netlink.
> But it calls __dev_get_by_index() without acquiring RTNL.
> So, it would use unsafe data.
> 
> 2. The second patch is to avoid failure of hsr_get_node_list().
> hsr_get_node_list() is a callback of generic netlink and
> it is used to get node information in userspace.
> But, if there are so many nodes, it fails because of buffer size.
> So, in this patch, restart routine is added.
> 
> 3. The third patch is to set .netnsok flag to true.
> If .netnsok flag is false, non-init_net namespace is not allowed to
> operate generic netlink operations.
> So, currently, non-init_net namespace has no way to get node information
> because .netnsok is false in the current hsr code.
> 
> Change log:
> v1->v2:
>  - Preserve reverse christmas tree variable ordering in the second patch.

Series applied, thank you.

Powered by blists - more mailing lists