| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 27 Jul 2020 18:38:39 +0000
From: Dexuan Cui <decui@...rosoft.com>
To: Greg KH <greg@...ah.com>
CC: Al Viro <viro@...iv.linux.org.uk>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"stable@...r.kernel.org" <stable@...r.kernel.org>,
"David S. Miller" <davem@...emloft.net>,
'Eric Dumazet' <edumazet@...gle.com>,
'Willy Tarreau' <w@....eu>,
Joseph Salisbury <Joseph.Salisbury@...rosoft.com>,
Michael Kelley <mikelley@...rosoft.com>
Subject: RE: UDP data corruption in v4.4
> From: Greg KH <greg@...ah.com>
> Sent: Friday, July 24, 2020 10:59 PM
> > [...]
> > Eric Dumazet made an alternative that performs the csum validation earlier:
> >
> > --- a/net/ipv4/udp.c
> > +++ b/net/ipv4/udp.c
> > @@ -1589,8 +1589,7 @@ int udp_queue_rcv_skb(struct sock *sk, struct
> > sk_buff *skb)
> > }
> > }
> >
> > - if (rcu_access_pointer(sk->sk_filter) &&
> > - udp_lib_checksum_complete(skb))
> > + if (udp_lib_checksum_complete(skb))
> > goto csum_error;
> >
> > if (sk_rcvqueues_full(sk, sk->sk_rcvbuf)) {
> >
> > I personally like Eric's fix and IMHO we'd better have it in v4.4 rather than
> > trying to backport 327868212381.
>
> Does Eric's fix work with your testing?
Yes, it worked in my testing overnight.
> If so, great, can you turn it
> into something I can apply to the 4.4.y stable tree and send it to
> stable@...r.kernel.org?
>
> greg k-h
Will do shortly.
Thanks,
Dexuan
Powered by blists - more mailing lists