| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <6297e31c-2f0b-a364-ca5c-d5d02b640466@mojatatu.com>
Date: Fri, 21 Apr 2023 12:12:54 -0300
From: Pedro Tammela <pctammela@...atatu.com>
To: Jakub Kicinski <kuba@...nel.org>
Cc: netdev@...r.kernel.org, jhs@...atatu.com, xiyou.wangcong@...il.com,
jiri@...nulli.us, davem@...emloft.net, edumazet@...gle.com,
pabeni@...hat.com, simon.horman@...igine.com
Subject: Re: [PATCH net-next v4 3/5] net/sched: act_pedit: check static
offsets a priori
On 20/04/2023 23:41, Jakub Kicinski wrote:
> On Tue, 18 Apr 2023 20:43:52 -0300 Pedro Tammela wrote:
>> @@ -414,12 +420,12 @@ TC_INDIRECT_SCOPE int tcf_pedit_act(struct sk_buff *skb,
>> sizeof(_d), &_d);
>> if (!d)
>> goto bad;
>> - offset += (*d & tkey->offmask) >> tkey->shift;
>> - }
>>
>> - if (offset % 4) {
>> - pr_info("tc action pedit offset must be on 32 bit boundaries\n");
>> - goto bad;
>> + offset += (*d & tkey->offmask) >> tkey->shift;
>
> this line loads part of the offset from packet data, so it's not
> exactly equivalent to the init time check.
The code uses 'tkey->offmask' as a check for static offsets vs packet
derived offsets, which have different handling.
By checking the static offsets at init we can move the datapath
'offset % 4' check for the packet derived offsets only.
Note that this change only affects the offsets defined in 'tkey->off',
the 'at' offset logic stays the same.
My intention was to keep the code semantically the same.
Did I miss anything?
> It's unlikely to be used
> but I think that rejecting cur % 4 vs data patch check only is
> technically a functional change, so needs to be discussed in the commit
> msg.
>
Powered by blists - more mailing lists