lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 6 Jun 2023 11:01:14 +0300
From: Gal Pressman <gal@...dia.com>
To: Edwin Peer <espeer@...il.com>, Jakub Kicinski <kuba@...nel.org>
Cc: David Ahern <dsahern@...il.com>, netdev <netdev@...r.kernel.org>,
 Andrew Gospodarek <andrew.gospodarek@...adcom.com>,
 Michael Chan <michael.chan@...adcom.com>,
 Stephen Hemminger <stephen@...workplumber.org>,
 Michal Kubecek <mkubecek@...e.cz>
Subject: Re: [PATCH net-next 1/4] netlink: truncate overlength attribute list
 in nla_nest_end()

On 05/06/2023 22:27, Edwin Peer wrote:
> On Mon, Jun 5, 2023 at 11:58 AM Jakub Kicinski <kuba@...nel.org> wrote:
>>
>> [Updating Edwin's email.]
>>
>> On Mon, 5 Jun 2023 10:28:06 +0300 Gal Pressman wrote:
>>> On 26/01/2021 19:51, Edwin Peer wrote:
>>>> On Mon, Jan 25, 2021 at 8:56 PM David Ahern <dsahern@...il.com> wrote:
>>>>
>>>>> I'm not a fan of the skb trim idea. I think it would be better to figure
>>>>> out how to stop adding to the skb when an attr length is going to exceed
>>>>> 64kB. Not failing hard with an error (ip link sh needs to succeed), but
>>>>> truncating the specific attribute of a message with a flag so userspace
>>>>> knows it is short.
>>>>
>>>> Absent the ability to do something useful in terms of actually
>>>> avoiding the overflow [1], I'm abandoning this approach entirely. I
>>>> have a different idea that I will propose in due course.
>>>>
>>>> [1] https://marc.info/?l=linux-netdev&m=161163943811663
>>>>
>>>> Regards,
>>>> Edwin Peer
>>>
>>> Hello Edwin,
>>>
>>> I'm also interested in getting this issue resolved, have you had any
>>> progress since this series? Are you still working on it?
> 
> Hi Kuba,
> 
> Thanks for the CC, I left Broadcom quite some time ago and am no
> longer subscribed to netdev as a result (been living in firmware land
> doing work in Rust).
> 
> I have no immediate plans to pick this up, at least not in the short
> to medium term. My work in progress was on the laptop I returned and I
> cannot immediately recall what solution I had in mind here.
> 
> Regards,
> Edwin Peer

Jakub, sorry if this has been discussed already in the past, but can you
please clarify what is an accepted (or more importantly, not accepted)
solution for this issue? I'm not familiar with the history and don't
want to repeat previous mistakes.

So far I've seen discussions about increasing the recv buffer size, and
this patchset which changes the GETLINK ABI, both of which were nacked.

Having 'ip link show' broken is very unfortunate :\, how should one
approach this issue in 2023?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ