| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 16 Oct 2023 05:48:20 -0400 From: Jamal Hadi Salim <jhs@...atatu.com> To: netdev@...r.kernel.org Cc: xiyou.wangcong@...il.com, jiri@...nulli.us, davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com, Christian Theune <ct@...ingcircus.io>, Pedro Tammela <pctammela@...atatu.com>, Budimir Markovic <markovicbudimir@...il.com> Subject: Re: [PATCH net 0/2] net/sched: sch_hfsc: safely allow 'rt' inner curves On Fri, Oct 13, 2023 at 11:11 AM Pedro Tammela <pctammela@...atatu.com> wrote: > > As reported [1] disallowing 'rt' inner curves breaks already existing > scripts. Even though it doesn't make sense 'qdisc wise' users have been > relying on this behaviour since the qdisc inception. > > We need users to update the scripts/applications to use 'sc' or 'ls' > as a inner curve instead of 'rt', but also avoid the UAF found by > Budimir, which was present since the qdisc inception. > > Instead of raising an error when classes are added with a 'rt' as a > parent, upgrade the 'rt' to an 'sc' on the fly, avoiding the UAF, and set > a warning for the user. Hopefully the warning laso triggers users to update > their scripts/applications. > > [1] https://lore.kernel.org/all/297D84E3-736E-4AB4-B825-264279E2043C@flyingcircus.io/ > For the series: Acked-by: Jamal Hadi Salim <jhs@...atatu.com> Christian, this should fix it for you but with a caveat: if you configure a "faulty" inner qdis to be rt it will "fixed" - meaning you can keep your scripts but when you dump you will see the "fixed" version instead of the "faulty" one. cheers, jamal
Powered by blists - more mailing lists