| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 20 Jan 2024 08:53:50 +0800 (GMT+08:00)
From: "Lin Ma" <linma@....edu.cn>
To: "Simon Horman" <horms@...nel.org>
Cc: davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org,
pabeni@...hat.com, dsahern@...nel.org, razor@...ckwall.org,
leon@...nel.org, haleyb.dev@...il.com, ja@....bg,
judyhsiao@...omium.org, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH net-next v1] neighbour: complement nl_ntbl_parm_policy
Hello Simon,
> On Fri, Jan 19, 2024 at 03:08:47PM +0800, Lin Ma wrote:
> > In the neightbl_set function, the attributes array is parsed and validated
> > using the nl_ntbl_parm_policy policy. However, this policy overlooks the
> > NDTPA_QUEUE_LENBYTES attribute since the commit 6b3f8674bccb ("[NEIGH]:
> > Convert neighbour table modification to new netlink api").
> > As a result, no validation is performed when accessing the
> > NDTPA_QUEUE_LENBYTES attribute.
> >
> > This patch addresses this issue by complementing the policy to ensure that
> > every attribute being accessed is properly validated.
> >
> > Signed-off-by: Lin Ma <linma@....edu.cn>
> > ---
> > net/core/neighbour.c | 1 +
> > 1 file changed, 1 insertion(+)
> >
> > diff --git a/net/core/neighbour.c b/net/core/neighbour.c
> > index 552719c3bbc3..ece0447cf409 100644
> > --- a/net/core/neighbour.c
> > +++ b/net/core/neighbour.c
> > @@ -2293,6 +2293,7 @@ static const struct nla_policy nl_neightbl_policy[NDTA_MAX+1] = {
> > static const struct nla_policy nl_ntbl_parm_policy[NDTPA_MAX+1] = {
> > [NDTPA_IFINDEX] = { .type = NLA_U32 },
> > [NDTPA_QUEUE_LEN] = { .type = NLA_U32 },
> > + [NPTPA_QUEUE_LEN_BYTES] = { .type = NLA_U32 },
>
> This does not compile because NPTPA_QUEUE_LEN_BYTES is
> not present in net-next.
>
> > [NDTPA_PROXY_QLEN] = { .type = NLA_U32 },
> > [NDTPA_APP_PROBES] = { .type = NLA_U32 },
> > [NDTPA_UCAST_PROBES] = { .type = NLA_U32 },
>
>
> ## Form letter - net-next-closed
>
> [adapted from text by Jakub]
>
> The merge window for v6.8 has begun and therefore net-next is closed
> for new drivers, features, code refactoring and optimizations.
> We are currently accepting bug fixes only.
>
> Please repost when net-next reopens on or after 22nd January.
>
> RFC patches sent for review only are obviously welcome at any time.
>
> See: https://www.kernel.org/doc/html/next/process/maintainer-netdev.html#development-cycle
> --
> pw-bot: defer
My bad, I prepare this patch on the linux-stable tree and never thought this would happen.
Will also compile on the right tree next time.
So should I send this to net which has this attribute or something?
Thanks are really Sorry
Lin
Powered by blists - more mailing lists