lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <c66e0309572345f5b0f32d078701f2d7@AcuMS.aculab.com>
Date:   Thu, 14 May 2020 12:30:17 +0000
From:   David Laight <David.Laight@...LAB.COM>
To:     'Marcelo Ricardo Leitner' <marcelo.leitner@...il.com>,
        'Christoph Hellwig' <hch@....de>
CC:     "'David S. Miller'" <davem@...emloft.net>,
        'Jakub Kicinski' <kuba@...nel.org>,
        'Eric Dumazet' <edumazet@...gle.com>,
        'Alexey Kuznetsov' <kuznet@....inr.ac.ru>,
        'Hideaki YOSHIFUJI' <yoshfuji@...ux-ipv6.org>,
        "'Vlad Yasevich'" <vyasevich@...il.com>,
        'Neil Horman' <nhorman@...driver.com>,
        "'Jon Maloy'" <jmaloy@...hat.com>,
        'Ying Xue' <ying.xue@...driver.com>,
        "'drbd-dev@...ts.linbit.com'" <drbd-dev@...ts.linbit.com>,
        "'linux-block@...r.kernel.org'" <linux-block@...r.kernel.org>,
        "'linux-kernel@...r.kernel.org'" <linux-kernel@...r.kernel.org>,
        "'linux-rdma@...r.kernel.org'" <linux-rdma@...r.kernel.org>,
        "'linux-nvme@...ts.infradead.org'" <linux-nvme@...ts.infradead.org>,
        "'target-devel@...r.kernel.org'" <target-devel@...r.kernel.org>,
        "'linux-afs@...ts.infradead.org'" <linux-afs@...ts.infradead.org>,
        "'linux-cifs@...r.kernel.org'" <linux-cifs@...r.kernel.org>,
        "'cluster-devel@...hat.com'" <cluster-devel@...hat.com>,
        "'ocfs2-devel@....oracle.com'" <ocfs2-devel@....oracle.com>,
        "'netdev@...r.kernel.org'" <netdev@...r.kernel.org>,
        "'linux-sctp@...r.kernel.org'" <linux-sctp@...r.kernel.org>,
        "'ceph-devel@...r.kernel.org'" <ceph-devel@...r.kernel.org>,
        "'rds-devel@....oracle.com'" <rds-devel@....oracle.com>,
        "'linux-nfs@...r.kernel.org'" <linux-nfs@...r.kernel.org>
Subject: RE: [PATCH 32/33] sctp: add sctp_sock_get_primary_addr

From: David Laight
> Sent: 14 May 2020 10:51
> From: Marcelo Ricardo Leitner
> > Sent: 13 May 2020 19:03
> >
> > On Wed, May 13, 2020 at 08:26:47AM +0200, Christoph Hellwig wrote:
> > > Add a helper to directly get the SCTP_PRIMARY_ADDR sockopt from kernel
> > > space without going through a fake uaccess.
> >
> > Same comment as on the other dlm/sctp patch.
> 
> Wouldn't it be best to write sctp_[gs]etsockotp() that
> use a kernel buffer and then implement the user-space
> calls using a wrapper that does the copies to an on-stack
> (or malloced if big) buffer.

Actually looking at __sys_setsockopt() it calls
BPF_CGROUP_RUN_PROG_SETSOCKOPT() which (by the look of it)
can copy the user buffer into malloc()ed memory and
cause set_fs(KERNEL_DS) be called.

The only way to get rid of that set_fs() is to always
have the buffer in kernel memory when the underlying
setsockopt() code is called.

The comment above __sys_[sg]etsockopt() about not knowing
the length is just wrong.
It probably applied to getsockopt() in the dim and distant
past before it was made read-update.

	David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ