Message-ID: <CAF=yD-+FUZujxSkd1wwdioSqazNptsHMBRpoms20OZJb0OGJ4w@mail.gmail.com>
Date: Mon, 18 Sep 2023 14:00:59 -0400
From: Willem de Bruijn <willemdebruijn.kernel@...il.com>
To: Jordan Rife <jrife@...gle.com>
Cc: davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org, 
	pabeni@...hat.com, netdev@...r.kernel.org, dborkman@...nel.org
Subject: Re: [PATCH net v2 1/3] net: replace calls to sock->ops->connect()
 with kernel_connect()

On Mon, Sep 18, 2023 at 1:56 PM Jordan Rife <jrife@...gle.com> wrote:
>
> > Please include a Fixes tag in all patches targeting next.
> Would this just be a reference to the commit that introduced this bug?

That's right. So that stable tree maintainers know whether to backport or not.

Please also cc: stable@...r.kernel.org to net patches:
https://www.kernel.org/doc/html/latest/process/maintainer-netdev.html#stable-tree

> Should this patch series be targeting net or net-next considering this
> is a long standing bug, not something that was introduced recently.

It sounds like BPF hooks break existing users of kernel_connect. So I
think you directed it correctly to net.

> > For subsequent iteration, no need for a manual follow-up email to CC the subsystem reviews. Just add --cc to git send-email?
> Ack.
>
> -Jordan
>
> On Mon, Sep 18, 2023 at 6:07 AM Willem de Bruijn
> <willemdebruijn.kernel@...il.com> wrote:
> >
> > On Sun, Sep 17, 2023 at 10:50 PM Jordan Rife <jrife@...gle.com> wrote:
> > >
> > > commit 0bdf399342c5 ("net: Avoid address overwrite in kernel_connect")
> > > ensured that kernel_connect() will not overwrite the address parameter
> > > in cases where BPF connect hooks perform an address rewrite. This change
> > > replaces all direct calls to sock->ops->connect() with kernel_connect()
> > > to make these calls safe.
> > >
> > > This patch also introduces a sanity check to kernel_connect() to ensure
> > > that the addr_length does not exceed the size of sockaddr_storage before
> > > performing the address copy.
> > >
> > > Link: https://lore.kernel.org/netdev/20230912013332.2048422-1-jrife@google.com/
> > >
> > > Signed-off-by: Jordan Rife <jrife@...gle.com>
> >
> > This looks great to me. Thanks for revising and splitting up.
> >
> > Please include a Fixes tag in all patches targeting next.
> >
> > For subsequent iteration, no need for a manual follow-up email to CC
> > the subsystem reviews. Just add --cc to git send-email?
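
The behaviour the quoted commit message describes, modelled in user space as an added example (not code from the patch or the kernel tree). `model_ops_connect` is a hypothetical stand-in for sock->ops->connect() with an address-rewriting BPF connect hook attached, `model_kernel_connect` is a hypothetical stand-in for the copy-and-length-check wrapper, and both addresses are constructed.

```c
#include <errno.h>
#include <stdint.h>
#include <string.h>
#include <netinet/in.h>
#include <sys/socket.h>

#define ORIG_DST  0xC0A80001u  /* 192.168.0.1, constructed sample */
#define REWRITTEN 0x0A000001u  /* 10.0.0.1, constructed sample */

/* Assumption: models sock->ops->connect() with a BPF connect hook that
 * rewrites the destination in whatever buffer it is handed. */
static int model_ops_connect(struct sockaddr *addr, int addrlen)
{
    if (addrlen < (int)sizeof(struct sockaddr_in))
        return -EINVAL;
    ((struct sockaddr_in *)addr)->sin_addr.s_addr = htonl(REWRITTEN);
    return 0;
}

/* Assumption: models kernel_connect(). Bounds-check the length, then pass
 * a private copy down so the caller's address is never modified. */
static int model_kernel_connect(struct sockaddr *addr, int addrlen)
{
    struct sockaddr_storage address;
    if (addrlen < 0 || (size_t)addrlen > sizeof(address))
        return -EINVAL;
    memcpy(&address, addr, (size_t)addrlen);
    return model_ops_connect((struct sockaddr *)&address, addrlen);
}

/* Caller's destination (host byte order) after one connect attempt. */
uint32_t caller_dst_after(int use_wrapper)
{
    struct sockaddr_in dst = { .sin_family = AF_INET, .sin_addr.s_addr = htonl(ORIG_DST) };
    int (*fn)(struct sockaddr *, int) = use_wrapper ? model_kernel_connect : model_ops_connect;
    fn((struct sockaddr *)&dst, (int)sizeof(dst));
    return ntohl(dst.sin_addr.s_addr);
}

/* A length one byte past sockaddr_storage is rejected before the copy. */
int oversized_connect_result(void)
{
    struct sockaddr_storage ss = { 0 };
    return model_kernel_connect((struct sockaddr *)&ss, (int)sizeof(ss) + 1);
}

int main(void) { return caller_dst_after(1) == ORIG_DST ? 0 : 1; }
```

A caller that reuses its stored address for a later reconnect sees the rewritten value after the direct call and the original value after the wrapper call.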
