* [PATCH 1/1] openvswitch: fix infoleak in conntrack
@ 2020-06-16 2:13 Xidong Wang
2020-06-16 7:17 ` Pravin Shelar
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Xidong Wang @ 2020-06-16 2:13 UTC (permalink / raw)
To: Xidong Wang, Pravin B Shelar, David S . Miller, Jakub Kicinski,
netdev, dev, linux-kernel
From: xidongwang <wangxidong_97@163.com>
The stack object “zone_limit” has 3 members. In function
ovs_ct_limit_get_default_limit(), the member "count" is
not initialized and sent out via “nla_put_nohdr”.
Signed-off-by: xidongwang <wangxidong_97@163.com>
---
net/openvswitch/conntrack.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/net/openvswitch/conntrack.c b/net/openvswitch/conntrack.c
index 4340f25..1b7820a 100644
--- a/net/openvswitch/conntrack.c
+++ b/net/openvswitch/conntrack.c
@@ -2020,6 +2020,7 @@ static int ovs_ct_limit_get_default_limit(struct ovs_ct_limit_info *info,
{
struct ovs_zone_limit zone_limit;
int err;
+ memset(&zone_limit, 0, sizeof(zone_limit));
zone_limit.zone_id = OVS_ZONE_LIMIT_DEFAULT_ZONE;
zone_limit.limit = info->default_limit;
--
2.7.4
^ permalink raw reply related [flat|nested] 4+ messages in thread* Re: [PATCH 1/1] openvswitch: fix infoleak in conntrack
2020-06-16 2:13 [PATCH 1/1] openvswitch: fix infoleak in conntrack Xidong Wang
@ 2020-06-16 7:17 ` Pravin Shelar
2020-06-16 7:44 ` [ovs-dev] " Tonghao Zhang
2020-06-16 8:42 ` Simon Horman
2 siblings, 0 replies; 4+ messages in thread
From: Pravin Shelar @ 2020-06-16 7:17 UTC (permalink / raw)
To: Xidong Wang
Cc: David S . Miller, Jakub Kicinski,
Linux Kernel Network Developers, ovs dev, LKML
On Mon, Jun 15, 2020 at 7:13 PM Xidong Wang <wangxidong_97@163.com> wrote:
>
> From: xidongwang <wangxidong_97@163.com>
>
> The stack object “zone_limit” has 3 members. In function
> ovs_ct_limit_get_default_limit(), the member "count" is
> not initialized and sent out via “nla_put_nohdr”.
>
> Signed-off-by: xidongwang <wangxidong_97@163.com>
Looks good.
Acked-by: Pravin B Shelar <pshelar@ovn.org>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [ovs-dev] [PATCH 1/1] openvswitch: fix infoleak in conntrack
2020-06-16 2:13 [PATCH 1/1] openvswitch: fix infoleak in conntrack Xidong Wang
2020-06-16 7:17 ` Pravin Shelar
@ 2020-06-16 7:44 ` Tonghao Zhang
2020-06-16 8:42 ` Simon Horman
2 siblings, 0 replies; 4+ messages in thread
From: Tonghao Zhang @ 2020-06-16 7:44 UTC (permalink / raw)
To: Xidong Wang
Cc: Pravin B Shelar, David S . Miller, Jakub Kicinski,
Linux Kernel Network Developers, ovs dev, LKML
On Tue, Jun 16, 2020 at 10:13 AM Xidong Wang <wangxidong_97@163.com> wrote:
>
> From: xidongwang <wangxidong_97@163.com>
>
> The stack object “zone_limit” has 3 members. In function
> ovs_ct_limit_get_default_limit(), the member "count" is
> not initialized and sent out via “nla_put_nohdr”.
>
> Signed-off-by: xidongwang <wangxidong_97@163.com>
> ---
> net/openvswitch/conntrack.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/net/openvswitch/conntrack.c b/net/openvswitch/conntrack.c
> index 4340f25..1b7820a 100644
> --- a/net/openvswitch/conntrack.c
> +++ b/net/openvswitch/conntrack.c
> @@ -2020,6 +2020,7 @@ static int ovs_ct_limit_get_default_limit(struct ovs_ct_limit_info *info,
> {
> struct ovs_zone_limit zone_limit;
> int err;
> + memset(&zone_limit, 0, sizeof(zone_limit));
why not init zone.count == 0, instead of memset, because zone_id/limit
will be inited later.
memset uses more cpu cycles.
> zone_limit.zone_id = OVS_ZONE_LIMIT_DEFAULT_ZONE;
> zone_limit.limit = info->default_limit;
> --
> 2.7.4
>
> _______________________________________________
> dev mailing list
> dev@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
--
Best regards, Tonghao
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [ovs-dev] [PATCH 1/1] openvswitch: fix infoleak in conntrack
2020-06-16 2:13 [PATCH 1/1] openvswitch: fix infoleak in conntrack Xidong Wang
2020-06-16 7:17 ` Pravin Shelar
2020-06-16 7:44 ` [ovs-dev] " Tonghao Zhang
@ 2020-06-16 8:42 ` Simon Horman
2 siblings, 0 replies; 4+ messages in thread
From: Simon Horman @ 2020-06-16 8:42 UTC (permalink / raw)
To: Xidong Wang
Cc: Pravin B Shelar, David S . Miller, Jakub Kicinski, netdev, dev,
linux-kernel
On Mon, Jun 15, 2020 at 07:13:01PM -0700, Xidong Wang wrote:
> From: xidongwang <wangxidong_97@163.com>
>
> The stack object “zone_limit” has 3 members. In function
> ovs_ct_limit_get_default_limit(), the member "count" is
> not initialized and sent out via “nla_put_nohdr”.
Hi Xidong,
thanks for your patch.
It appears that the patch is a fix. So I think that subject should be
targeted at the net tree and thus the subject should include
"[PATCH net]". (The other option being to target the net-next tree
in which case the subject should include "[PATCH net-next]".)
Also, as a fix it would be useful to include a fixes tag that references
the patch that introduced the problem. This is to facilitate backporting
to -stable branches of released kernels. In this case the following seems
appropriate.
Fixes: 11efd5cb04a1 ("openvswitch: Support conntrack zone limit")
> Signed-off-by: xidongwang <wangxidong_97@163.com>
> ---
> net/openvswitch/conntrack.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/net/openvswitch/conntrack.c b/net/openvswitch/conntrack.c
> index 4340f25..1b7820a 100644
> --- a/net/openvswitch/conntrack.c
> +++ b/net/openvswitch/conntrack.c
> @@ -2020,6 +2020,7 @@ static int ovs_ct_limit_get_default_limit(struct ovs_ct_limit_info *info,
> {
> struct ovs_zone_limit zone_limit;
> int err;
There should be a blank line here.
> + memset(&zone_limit, 0, sizeof(zone_limit));
Moreover, initializing the entire structure to zero only to overwrite
most of its fields immediately below seems a bit inefficient.
Perhaps it would be better to just initialise count.
> zone_limit.zone_id = OVS_ZONE_LIMIT_DEFAULT_ZONE;
> zone_limit.limit = info->default_limit;
zone_limit.count = 0;
> --
> 2.7.4
>
> _______________________________________________
> dev mailing list
> dev@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2020-06-16 8:42 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-06-16 2:13 [PATCH 1/1] openvswitch: fix infoleak in conntrack Xidong Wang
2020-06-16 7:17 ` Pravin Shelar
2020-06-16 7:44 ` [ovs-dev] " Tonghao Zhang
2020-06-16 8:42 ` Simon Horman
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).