lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <419ac17f-ac4f-25bc-62d1-ddf05562764a@kernel.org>
Date:   Wed, 15 Mar 2023 09:30:19 -0600
From:   David Ahern <dsahern@...nel.org>
To:     Ido Schimmel <idosch@...dia.com>, netdev@...r.kernel.org
Cc:     davem@...emloft.net, kuba@...nel.org, pabeni@...hat.com,
        edumazet@...gle.com, mark.tomlinson@...iedtelesis.co.nz,
        gaoxingwang1@...wei.com, mlxsw@...dia.com
Subject: Re: [PATCH net] ipv4: Fix incorrect table ID in IOCTL path

On 3/15/23 6:40 AM, Ido Schimmel wrote:
> Commit f96a3d74554d ("ipv4: Fix incorrect route flushing when source
> address is deleted") started to take the table ID field in the FIB info
> structure into account when determining if two structures are identical
> or not. This field is initialized using the 'fc_table' field in the
> route configuration structure, which is not set when adding a route via
> IOCTL.
> 
> The above can result in user space being able to install two identical
> routes that only differ in the table ID field of their associated FIB
> info.
> 
> Fix by initializing the table ID field in the route configuration
> structure in the IOCTL path.
> 
> Before the fix:
> 
>  # ip route add default via 192.0.2.2
>  # route add default gw 192.0.2.2
>  # ip -4 r show default
>  # default via 192.0.2.2 dev dummy10
>  # default via 192.0.2.2 dev dummy10
> 
> After the fix:
> 
>  # ip route add default via 192.0.2.2
>  # route add default gw 192.0.2.2
>  SIOCADDRT: File exists
>  # ip -4 r show default
>  default via 192.0.2.2 dev dummy10
> 
> Audited the code paths to ensure there are no other paths that do not
> properly initialize the route configuration structure when installing a
> route.
> 
> Fixes: 5a56a0b3a45d ("net: Don't delete routes in different VRFs")
> Fixes: f96a3d74554d ("ipv4: Fix incorrect route flushing when source address is deleted")
> Reported-by: gaoxingwang <gaoxingwang1@...wei.com>
> Link: https://lore.kernel.org/netdev/20230314144159.2354729-1-gaoxingwang1@huawei.com/
> Tested-by: gaoxingwang <gaoxingwang1@...wei.com>
> Signed-off-by: Ido Schimmel <idosch@...dia.com>
> ---
>  net/ipv4/fib_frontend.c | 3 +++
>  1 file changed, 3 insertions(+)
> 

Reviewed-by: David Ahern <dsahern@...nel.org>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ