Message-ID: <aEs0W32lPsKZiZFp@pop-os.localdomain>
Date: Thu, 12 Jun 2025 13:11:07 -0700
From: Cong Wang <xiyou.wangcong@...il.com>
To: Eric Dumazet <edumazet@...gle.com>
Cc: "David S . Miller" <davem@...emloft.net>,
	Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>,
	Simon Horman <horms@...nel.org>,
	Jamal Hadi Salim <jhs@...atatu.com>, Jiri Pirko <jiri@...nulli.us>,
	netdev@...r.kernel.org, eric.dumazet@...il.com,
	Gerrard Tai <gerrard.tai@...rlabs.sg>, stable@...r.kernel.org
Subject: Re: [PATCH net] net_sched: sch_sfq: reject invalid perturb period

On Wed, Jun 11, 2025 at 08:35:01AM +0000, Eric Dumazet wrote:
> Gerrard Tai reported that SFQ perturb_period has no range check yet,
> and this can be used to trigger a race condition fixed in a separate patch.
> 
> We want to make sure ctl->perturb_period * HZ will not overflow
> and is positive.
> 
> Tested:
> 
> tc qd add dev lo root sfq perturb -10   # negative value : error
> Error: sch_sfq: invalid perturb period.
> 
> tc qd add dev lo root sfq perturb 1000000000 # too big : error
> Error: sch_sfq: invalid perturb period.
> 
> tc qd add dev lo root sfq perturb 2000000 # acceptable value
> tc -s -d qd sh dev lo
> qdisc sfq 8005: root refcnt 2 limit 127p quantum 64Kb depth 127 flows 128 divisor 1024 perturb 2000000sec
>  Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
>  backlog 0b 0p requeues 0

Please kindly provide a selftest (as a separate patch) since it looks
fairly easy to reproduce. With AI copilot today, this becomes much
easier, so hopefully it won't bring you much burden. :)

Thanks.
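
Added example, not part of the original message or of the kernel patch: a user-space C sketch of why the range check quoted above has to run before `perturb_period * HZ` is computed. `EXAMPLE_HZ`, `unchecked_jiffies()` and `perturb_period_valid()` are hypothetical names, HZ is assumed to be 1000, and accepting 0 as "perturbation disabled" is an assumption of this sketch.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: tick rate for this demo; the kernel's HZ is a build-time option. */
#define EXAMPLE_HZ 1000

/* Portable uint32 -> int32 two's-complement reinterpretation. */
static int32_t as_int32(uint32_t u)
{
    return u <= INT32_MAX ? (int32_t)u : (int32_t)(u - 0x80000000u) + INT32_MIN;
}

/* What an unchecked 32-bit `perturb_period * HZ` yields, with the wrap made
 * explicit through unsigned arithmetic so the demo has no undefined behaviour. */
static int32_t unchecked_jiffies(int32_t perturb_period)
{
    return as_int32((uint32_t)perturb_period * (uint32_t)EXAMPLE_HZ);
}

/* Hypothetical helper: validate the period before multiplying.
 * 0 is accepted here as "perturbation disabled" (assumption of this example). */
static int perturb_period_valid(int32_t perturb_period)
{
    if (perturb_period < 0)
        return 0;                      /* negative period */
    if (perturb_period > INT32_MAX / EXAMPLE_HZ)
        return 0;                      /* product would not fit in 32 bits */
    return 1;
}

int main(void)
{
    /* Constructed inputs: the three values from the "Tested" section plus one
     * that overflows yet wraps to a positive number. */
    static const int32_t samples[] = { -10, 1000000000, 2000000, 5000000 };
    size_t i;

    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("perturb %11d -> unchecked product %11d, %s\n",
               (int)samples[i], (int)unchecked_jiffies(samples[i]),
               perturb_period_valid(samples[i]) ? "accepted" : "rejected");
    return 0;
}
```

The 5000000 case wraps to a positive product, so testing only the sign of the result after the multiplication would let it through.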
