| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aQqMOoy9_pmdcwHS@krikkit>
Date: Wed, 5 Nov 2025 00:28:58 +0100
From: Sabrina Dubroca <sd@...asysnail.net>
To: Nate Karstens <nate.karstens@...min.com>
Cc: netdev@...r.kernel.org, Nate Karstens <nate.karstens@...il.com>,
Tom Herbert <tom@...ntonium.net>, stable@...r.kernel.org,
"David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>,
Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>,
Simon Horman <horms@...nel.org>,
John Fastabend <john.fastabend@...il.com>,
"Dr. David Alan Gilbert" <linux@...blig.org>,
Jiayuan Chen <mrpre@....com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] strparser: Fix signed/unsigned mismatch bug
2025-11-04, 11:42:03 -0600, Nate Karstens wrote:
> The `len` member of the sk_buff is an unsigned int. This is cast to
> `ssize_t` (a signed type) for the first sk_buff in the comparison,
> but not the second sk_buff. This change ensures both len values are
> cast to `ssize_t`.
>
> This appears to cause an issue with ktls when multiple TLS PDUs are
> included in a single TCP segment.
Can you describe a bit more the problematic case (state of the
strparser and all the variables involved maybe?), and how the added
cast fixes it?
And what kernel version are you using to trigger this issue (and then
verify the fix)? ktls hasn't used net/strparser for quite a while (see
commit 84c61fe1a75b ("tls: rx: do not use the standard strparser")).
> Signed-off-by: Nate Karstens <nate.karstens@...min.com>
A Fixes: tag would also be good, and the subject prefix should be
"[PATCH net]" for bugfixes.
--
Sabrina
Powered by blists - more mailing lists