lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20230525163342.GB25057@breakpoint.cc>
Date: Thu, 25 May 2023 18:33:42 +0200
From: Florian Westphal <fw@...len.de>
To: Kuniyuki Iwashima <kuniyu@...zon.com>
Cc: fw@...len.de, davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org,
	kuni1840@...il.com, netdev@...r.kernel.org, pabeni@...hat.com,
	syzbot+444ca0907e96f7c5e48b@...kaller.appspotmail.com
Subject: Re: [PATCH v1 net] udplite: Fix NULL pointer dereference in
 __sk_mem_raise_allocated().

Kuniyuki Iwashima <kuniyu@...zon.com> wrote:
> > I'd remove it in -next.  Same for DCCP.
> 
> Ok, I'll do for UDP Lite.

Thanks.

> +1 for DCCP, but we know there are real?
> still experimenting? users ... ?

Yes, and they can continue to work on their out of tree fork
and research projects, no problem.

I'd say next time some net/core change needs dccp changes,
remove dccp first (or mark it as CONFIG_BROKEN) so it doesn't
cause extra work.

DCCP can be brought back when someone has interest to maintain it.

Looking at DCCP patches its either:
1. odd syzbot fixes
2. api changes in net that need folloup changes in dccp
3. automated transformations

There is no sign that anyone is maintaining this (or running it
in a production environment...).

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ