From: Steffen Klassert <steffen.klassert@secunet.com>
To: Kevin Easton <kevin@guarana.org>
Cc: Herbert Xu <herbert@gondor.apana.org.au>,
	"David S. Miller" <davem@davemloft.net>, <netdev@vger.kernel.org>,
	<linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v2 0/2] af_key: Fix for sadb_key memcpy read overrun
Date: Mon, 9 Apr 2018 12:32:47 +0200
Message-ID: <20180409103247.tfcvthfjsszz3z6y@gauss3.secunet.de>
In-Reply-To: <cover.1523115061.git.kevin@guarana.org>

On Sat, Apr 07, 2018 at 11:40:18AM -0400, Kevin Easton wrote:
> As found by syzbot, af_key does not properly validate the key length in
> sadb_key messages from userspace.  This can result in copying from beyond
> the end of the sadb_key part of the message, or indeed beyond the end of
> the entire packet.
> 
> Both these patches apply cleanly to ipsec-next.  Based on Steffen's
> feedback I have re-ordered them so that the fix only is in patch 1, which
> I would suggest is also a stable tree candidate, whereas patch 2 is a
> cleanup only.

I think some explanation is needed here. Usually bugfixes and cleanups
don't go to the same tree. On IPsec, bugfixes go to the 'ipsec' tree
while cleanups and new features go to the 'ipsec-next' tree. So
you need to split up your patchsets into patches that are targeted
to 'ipsec' and 'ipsec-next'. Aside from that, we are in 'merge window'
currently. This means that most maintainers don't accept patches to
their -next trees. If you have patches for a -next tree, wait until
the merge window is over (when v4.17-rc1 is released) and send them
then.

Thread overview: 7+ messages
2018-04-07 15:40 [PATCH v2 0/2] af_key: Fix for sadb_key memcpy read overrun Kevin Easton
2018-04-07 15:40 ` [PATCH v2 1/2] af_key: Always verify length of provided sadb_key Kevin Easton
2018-04-09 10:33   ` Steffen Klassert
2018-04-07 15:40 ` [PATCH v2 2/2] af_key: Use DIV_ROUND_UP() instead of open-coded equivalent Kevin Easton
2018-04-09 10:34   ` Steffen Klassert
2018-04-10 11:38     ` Kevin Easton
2018-04-09 10:32 ` Steffen Klassert [this message]
