| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 01 Aug 2023 17:11:49 -0400
From: Willem de Bruijn <willemdebruijn.kernel@...il.com>
To: David Howells <dhowells@...hat.com>,
Willem de Bruijn <willemdebruijn.kernel@...il.com>
Cc: dhowells@...hat.com,
netdev@...r.kernel.org,
syzbot+f527b971b4bdc8e79f9e@...kaller.appspotmail.com,
bpf@...r.kernel.org,
brauner@...nel.org,
davem@...emloft.net,
dsahern@...nel.org,
edumazet@...gle.com,
kuba@...nel.org,
pabeni@...hat.com,
axboe@...nel.dk,
viro@...iv.linux.org.uk,
linux-fsdevel@...r.kernel.org,
syzkaller-bugs@...glegroups.com,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH net] udp: Fix __ip_append_data()'s handling of
MSG_SPLICE_PAGES
David Howells wrote:
> Willem de Bruijn <willemdebruijn.kernel@...il.com> wrote:
>
> > __ip6_append_data probably needs the same.
>
> Now that's interesting. __ip6_append_data() has a check for this and returns
> -EINVAL in this case:
>
> copy = datalen - transhdrlen - fraggap - pagedlen;
> if (copy < 0) {
> err = -EINVAL;
> goto error;
> }
>
> but should I bypass that check for MSG_SPLICE_PAGES? It hits the check when
> it should be able to get past it. The code seems to go back to prehistoric
> times, so I'm not sure why it's there.
Argh, saved by inconsistency between the two stacks.
I don't immediately understand the race that caused this code to move,
in commit 232cd35d0804 ("ipv6: fix out of bound writes in __ip6_append_data()").
Maybe a race with a mtu update?
Technically there is no Fixes tag to apply, so this would not be a fix
for net.
If we want equivalent behavior, a patch removing this branch is probably
best sent to net-next, in a way that works from the start.
Powered by blists - more mailing lists