Message-ID: <aCtDMJDtP0DxUBqj@mini-arch>
Date: Mon, 19 May 2025 07:41:52 -0700
From: Stanislav Fomichev <stfomichev@...il.com>
To: Pavel Begunkov <asml.silence@...il.com>
Cc: netdev@...r.kernel.org, davem@...emloft.net, edumazet@...gle.com,
	kuba@...nel.org, pabeni@...hat.com, horms@...nel.org,
	sagi@...mberg.me, willemb@...gle.com, almasrymina@...gle.com,
	kaiyuanz@...gle.com, linux-kernel@...r.kernel.org
Subject: Re: [PATCH net-next] net: devmem: drop iterator type check

On 05/19, Pavel Begunkov wrote:
> On 5/16/25 23:54, Stanislav Fomichev wrote:
> > sendmsg() with a single iov becomes ITER_UBUF, sendmsg() with multiple
> > iovs becomes ITER_IOVEC. Instead of adjusting the check to include
> > ITER_UBUF, drop the check completely. The callers are guaranteed
> > to happen from system call side and we don't need to pay runtime
> > cost to verify it.
> 
> I asked for this because io_uring can pass bvecs. Only sendzc can
> pass that with cmsg, so probably you won't be able to hit any
> real issue, but io_uring needs and soon will have bvec support for
> normal sends as well. One can argue we should care as it isn't
> merged yet, but there is something very very wrong if an unrelated
> and legal io_uring change is able to open a vulnerability in the
> devmem path.

Any reason not to filter these out on the io_uring side? Or you'll
have to interpret sendmsg flags again which is not nice?
