All of lore.kernel.org
 help / color / mirror / Atom feed
* two bogus patches arising from CVE-2019-12381
@ 2020-04-01 10:54 Charles Bryant
  2020-04-01 12:46 ` Florian Westphal
  0 siblings, 1 reply; 2+ messages in thread
From: Charles Bryant @ 2020-04-01 10:54 UTC (permalink / raw)
  To: netdev

I believe two patches from last year are mistaken. They are:

https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=95baa60a0da80a0143e3ddd4d3725758b4513825

https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=425aa0e1d01513437668fa3d4a971168bbaa8515

Both of these make a function return immediately with ENOMEM if a kalloc()
fails.  However in each case the function already correctly handled
allocation failure later on. Furthermore, by making them exit early
on allocation failure, it (very slightly) makes them worse as in some
cases they might have correctly returned EADDRINUSE and not needed the
allocated memory.

I think, therefore, that these changes should be reverted.
-- 
Charles Bryant

^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: two bogus patches arising from CVE-2019-12381
  2020-04-01 10:54 two bogus patches arising from CVE-2019-12381 Charles Bryant
@ 2020-04-01 12:46 ` Florian Westphal
  0 siblings, 0 replies; 2+ messages in thread
From: Florian Westphal @ 2020-04-01 12:46 UTC (permalink / raw)
  To: Charles Bryant; +Cc: netdev

Charles Bryant <ch.4g7vxy-nbkl8p@chch.co.uk> wrote:
> I believe two patches from last year are mistaken. They are:
> 
> https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=95baa60a0da80a0143e3ddd4d3725758b4513825
> 
> https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=425aa0e1d01513437668fa3d4a971168bbaa8515
> 
> Both of these make a function return immediately with ENOMEM if a kalloc()
> fails.  However in each case the function already correctly handled
> allocation failure later on. Furthermore, by making them exit early
> on allocation failure, it (very slightly) makes them worse as in some
> cases they might have correctly returned EADDRINUSE and not needed the
> allocated memory.
> 
> I think, therefore, that these changes should be reverted.

Both fixes are useless, as you explained above.

But they do not matter.  When GFP_KERNEL allocations fail the entire
system is screwed anyway.

So instead of revert, I would suggest that you wait until net-next
reopens, then:

For the first commit, send a patch that reverts, but also add a comment
that explains the error is handled below the loop.

For the second commit, send a patch that moves the allocation to where its
needed -- the spinlock was converted to a mutex so there is no need
for this ahead-of-time allocation anymore.

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-04-01 12:46 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-04-01 10:54 two bogus patches arising from CVE-2019-12381 Charles Bryant
2020-04-01 12:46 ` Florian Westphal

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.