Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-29 07:31:29 +00:00
Code Issues Packages Projects Releases Wiki Activity
57fe93b374
linux/net/core
History
David S. Miller 57fe93b374 filter: make sure filters dont read uninitialized memory 
There is a possibility malicious users can get limited information about
uninitialized stack mem array. Even if sk_run_filter() result is bound
to packet length (0 .. 65535), we could imagine this can be used by
hostile user.

Initializing mem[] array, like Dan Rosenberg suggested in his patch is
expensive since most filters dont even use this array.

Its hard to make the filter validation in sk_chk_filter(), because of
the jumps. This might be done later.

In this patch, I use a bitmap (a single long var) so that only filters
using mem[] loads/stores pay the price of added security checks.

For other filters, additional cost is a single instruction.

[ Since we access fentry->k a lot now, cache it in a local variable
  and mark filter entry pointer as const. -DaveM ]

Reported-by: Dan Rosenberg <drosenberg@vsecurity.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-11-10 10:38:24 -08:00
..
datagram.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2010-10-23 11:47:02 -07:00
dev_addr_lists.c net: include linux/proc_fs.h in dev_addr_lists.c 2010-04-07 16:46:36 -07:00
dev.c net: check queue_index from sock is valid for device 2010-11-01 12:55:52 -07:00
drop_monitor.c drop_monitor: use genl_register_family_with_ops() 2010-07-26 20:59:42 -07:00
dst.c net/dst: dst_dev_event() called after other notifiers 2010-11-09 12:17:16 -08:00
ethtool.c ethtool: Add support for vlan accleration. 2010-10-21 01:26:54 -07:00
fib_rules.c fib_rules: __rcu annotates ctarget 2010-10-27 11:37:32 -07:00
filter.c filter: make sure filters dont read uninitialized memory 2010-11-10 10:38:24 -08:00
flow.c net: return operator cleanup 2010-09-23 14:33:39 -07:00
gen_estimator.c pkt_sched: remov unnecessary bh_disable 2010-09-10 12:47:59 -07:00
gen_stats.c net/core: EXPORT_SYMBOL cleanups 2010-07-12 12:57:55 -07:00
iovec.c net: Limit socket I/O iovec total length to INT_MAX. 2010-10-28 11:47:52 -07:00
kmap_skb.h
link_watch.c net/core: EXPORT_SYMBOL cleanups 2010-07-12 12:57:55 -07:00
Makefile net: support time stamping in phy devices. 2010-07-18 19:15:26 -07:00
neighbour.c net/neighbour: cancel_delayed_work() + flush_scheduled_work() -> cancel_delayed_work_sync() 2010-10-21 04:25:48 -07:00
net_namespace.c net_ns: add __rcu annotations 2010-10-25 14:18:27 -07:00
net-sysfs.c rps: add __rcu annotations 2010-10-25 14:18:27 -07:00
net-sysfs.h net: Allow changing number of RX queues after device allocation 2010-09-27 22:09:49 -07:00
net-traces.c netdev: Add tracepoints to netdev layer 2010-09-07 17:51:33 +02:00
netevent.c net/core: EXPORT_SYMBOL cleanups 2010-07-12 12:57:55 -07:00
netpoll.c netpoll: Revert napi_poll fix for bonding driver 2010-10-20 01:44:30 -07:00
pktgen.c pktgen: correct uninitialized queue_map 2010-11-08 12:17:07 -08:00
request_sock.c net: convert BUG_TRAP to generic WARN_ON 2008-07-25 21:43:18 -07:00
rtnetlink.c rtnetlink: remove rtnl_kill_links 2010-10-21 03:09:45 -07:00
scm.c net/core: EXPORT_SYMBOL cleanups 2010-07-12 12:57:55 -07:00
skbuff.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2010-10-23 11:47:02 -07:00
sock.c net: add __rcu annotation to sk_filter 2010-10-25 14:18:28 -07:00
stream.c net: Fix the condition passed to sk_wait_event() 2010-10-03 20:41:32 -07:00
sysctl_net_core.c rps: add __rcu annotations 2010-10-25 14:18:27 -07:00
timestamping.c net: support time stamping in phy devices. 2010-07-18 19:15:26 -07:00
user_dma.c net/core/user_dma.c: Use frag list abstraction interfaces. 2009-06-09 00:19:10 -07:00
utils.c net: return operator cleanup 2010-09-23 14:33:39 -07:00