Re: EtherLeak generic fix - for feedback & testing.

Re: EtherLeak generic fix - for feedback & testing.

[David S. Miller]

   From: Ashish Kalra <ashishk@caldera.com>
   Date: Thu, 13 Feb 2003 17:52:06 +0500

   This is a kernel-2.4.13 patch for a "generic" fix for the Etherleak security
   issue and it works without making modifications to network device drivers. 

Not very interesting as we've fixed the problem and
updated all the necessary drivers already.

EtherLeak generic fix - for feedback & testing.

[Ashish Kalra]

Hello,

This is a kernel-2.4.13 patch for a "generic" fix for the Etherleak security
issue and it works without making modifications to network device drivers. 

The recommended fix for the Etherleak security issue, is to do the padding
in the network drivers and that requires modifications of the affected
drivers. This fix is a link-layer hook to do the padding, hence there is
no need for modifying network drivers.

Ashish Kalra.
The SCO group

Here is the patch :

diff -Naur -X patches/dontdiff linux-2.4.13/drivers/net/net_init.c
linux-2.4.13-eleak/drivers/net/net_init.c
--- linux-2.4.13/drivers/net/net_init.c	Thu Dec 13 17:15:39 2001
+++ linux-2.4.13-eleak/drivers/net/net_init.c	Thu Feb 13 14:36:34 2003
@@ -414,6 +414,9 @@
 
 #endif /* CONFIG_HIPPI */
 
+extern int (*netif_xmit_hook)(struct sk_buff *);
+extern int etherleak_fix(struct sk_buff *);
+
 void ether_setup(struct net_device *dev)
 {
 	/* Fill in the fields of the device structure with ethernet-generic values.
@@ -437,6 +440,10 @@
 
 	/* New-style flags. */
 	dev->flags		= IFF_BROADCAST|IFF_MULTICAST;
+
+	/* TBD: xmit_hook should ideally be part of "net_device" struct */
+	netif_xmit_hook = etherleak_fix;
+
 }
 EXPORT_SYMBOL(ether_setup);
 
diff -Naur -X patches/dontdiff linux-2.4.13/net/core/dev.c
linux-2.4.13-eleak/net/core/dev.c
--- linux-2.4.13/net/core/dev.c	Sat Oct 13 02:51:18 2001
+++ linux-2.4.13-eleak/net/core/dev.c	Thu Feb 13 14:37:36 2003
@@ -949,6 +949,9 @@
 #else
 #define illegal_highdma(dev, skb)	(0)
 #endif
+ 
+/* TBD: xmit_hook ideally should be part of "net_device" */
+int (*netif_xmit_hook)(struct sk_buff *) = 0;
 
 /**
  *	dev_queue_xmit - transmit a buffer
@@ -997,8 +1000,13 @@
 			return -ENOMEM;
 	}
 
+	if ((netif_xmit_hook) && (netif_xmit_hook)(skb)) {
+		;
+	}
+
 	/* Grab device queue */
 	spin_lock_bh(&dev->queue_lock);
+
 	q = dev->qdisc;
 	if (q->enqueue) {
 		int ret = q->enqueue(skb, q);
diff -Naur -X patches/dontdiff linux-2.4.13/net/ethernet/eth.c
linux-2.4.13-eleak/net/ethernet/eth.c
--- linux-2.4.13/net/ethernet/eth.c	Sat Mar  3 00:32:15 2001
+++ linux-2.4.13-eleak/net/ethernet/eth.c	Thu Feb 13 15:30:27 2003
@@ -237,3 +237,32 @@
 {
 	memcpy(((u8*)hh->hh_data) + 2, haddr, dev->addr_len);
 }
+
+/* 
+ * RFCs 894 & 1042, require that the data field should be padded with
+ * octects of zero to meet the Ethernet minimum frame size. The padding is
+ * not part of the IP packet and should not be included in the total length
+ * field of the IP header, it is simply part of link-layer.
+ * This is a generic fix for this "EtherLeak", short Ethernet frame padding
+ * information leakage issue. 
+ * Just try to pad without re-allocating and copying skbuff's to minimize
+ * performance impact, skbuff has additional space allocated by most
protocols
+ * and also due to cacheline size alignment adjustments. It would have been
+ * easier if linux supported chained data-buffers like BSD mbuf's or
+ * STREAMs mblk's   - ashishk@sco.com
+ */
+
+int etherleak_fix(struct sk_buff *skb)
+{
+	int frame_len = skb->len, pad_length = ETH_ZLEN-frame_len;
+
+	if ( (skb->dev->type == ARPHRD_ETHER) && (frame_len < ETH_ZLEN) ) {
+		if ((skb->tail + pad_length) > skb->end)
+			printk(KERN_ALERT "Potential Etherleak security issue detected. Contact
your Network device driver vendor for patch\n"); 
+		else
+			memset( skb_put(skb, pad_length), 0, pad_length);
+	}
+	return 1;
+}
+
+

Re: EtherLeak generic fix - for feedback & testing.

[Alan Cox]

> This is a kernel-2.4.13 patch for a "generic" fix for the Etherleak security
> issue and it works without making modifications to network device drivers. 

The right approach is to fix all the drivers so thats what we did. I can
see why a distro fix for an ancient kernel would be done the way you did
though.

Re: EtherLeak generic fix - for feedback & testing.

[Roger Luethi]

On Thu, 13 Feb 2003 04:09:18 -0800, David S. Miller wrote:
>    From: Ashish Kalra <ashishk@caldera.com>
>    Date: Thu, 13 Feb 2003 17:52:06 +0500
> 
>    This is a kernel-2.4.13 patch for a "generic" fix for the Etherleak security
>    issue and it works without making modifications to network device drivers. 
> 
> Not very interesting as we've fixed the problem and
> updated all the necessary drivers already.

Here's hoping nobody ever writes a driver based on pci-skeleton, which
drives a chip that has no auto-padding but comes without etherleak fix :-P.

Roger