From: Ben Hutchings <bhutchings@solarflare.com>
To: Richard Cochran <richardcochran@gmail.com>
Cc: netdev@vger.kernel.org, David Miller <davem@davemloft.net>
Subject: Re: [PATCH net-next 1/1] net: validate HWTSTAMP ioctl parameters
Date: Wed, 19 Oct 2011 22:16:56 +0100 [thread overview]
Message-ID: <1319059016.2829.68.camel@bwh-desktop> (raw)
In-Reply-To: <eca6d279cd96da44d9ad26bdda8fc8c2130c03c1.1318584677.git.richard.cochran@omicron.at>
On Fri, 2011-10-14 at 11:37 +0200, Richard Cochran wrote:
> This patch adds a sanity check on the values provided by user space for
> the hardware time stamping configuration. If the values lie outside of
> the absolute limits, then the ioctl request will be denied.
[...]
What does this validation buy us? The driver still has to copy the
values into kernel space again, at which point they may have been
changed to be invalid. Depending on how the driver uses them (perhaps
as array indices), it may have to validate them again to avoid a
security vulnerability.
I think that either SIOCHWTSTAMP should be handled through a discrete
device operation (not ndo_ioctl) which receives a pointer to the
validated structure in kernel memory, or a validation function should be
exported to drivers so that they can call it from their ndo_ioctl
implementations after copying the structure into kernel memory.
Ben.
--
Ben Hutchings, Staff Engineer, Solarflare
Not speaking for my employer; that's the marketing department's job.
They asked us to note that Solarflare product names are trademarked.
next prev parent reply other threads:[~2011-10-19 21:16 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-09-20 11:43 [PATCH net-next 0/3] ptp: feature enhancements Richard Cochran
2011-09-20 11:43 ` [PATCH net-next 1/3] dp83640: enable six external events and one periodic output Richard Cochran
2011-09-20 11:43 ` [PATCH net-next 2/3] net: introduce ptp one step time stamp mode for sync packets Richard Cochran
2011-09-20 11:43 ` [PATCH net-next 3/3] dp83640: add time stamp insertion for sync messages Richard Cochran
2011-09-26 20:04 ` [PATCH net-next 0/3] ptp: feature enhancements David Miller
2011-09-28 8:00 ` Richard Cochran
2011-09-28 8:17 ` David Miller
2011-10-14 9:37 ` [PATCH net-next 0/1] net: validate HWTSTAMP ioctl parameters Richard Cochran
2011-10-14 9:37 ` [PATCH net-next 1/1] " Richard Cochran
2011-10-19 21:01 ` David Miller
2011-10-19 21:16 ` Ben Hutchings [this message]
2011-10-20 16:35 ` Richard Cochran
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1319059016.2829.68.camel@bwh-desktop \
--to=bhutchings@solarflare.com \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
--cc=richardcochran@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).