[PATCH] net/tls: move version check after second userspace fetch

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] net/tls: move version check after second userspace fetch
@ 2017-09-24 15:14 Meng Xu
  2017-09-26 18:37 ` David Miller
  0 siblings, 1 reply; 2+ messages in thread
From: Meng Xu @ 2017-09-24 15:14 UTC (permalink / raw)
  To: ilyal, aviadye, davejwatson, davem, netdev, linux-kernel
  Cc: meng.xu, sanidhya, taesoo, Meng Xu

Even the userspace buffer optval passed the version check
(i.e., tmp_crypto_info.version == TLS_1_2_VERSION) after the first fetch,
it can still be changed before the second copy_from_user() and hence,
a version different than TLS_1_2_VERSION may be copied into crypto_info.
This patch moves the version check after the second userspace fetch.

Signed-off-by: Meng Xu <mengxu.gatech@gmail.com>
---
 net/tls/tls_main.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c
index 60aff60..d4a7bc6 100644
--- a/net/tls/tls_main.c
+++ b/net/tls/tls_main.c
@@ -354,12 +354,6 @@ static int do_tls_setsockopt_tx(struct sock *sk, char __user *optval,
 		goto out;
 	}
 
-	/* check version */
-	if (tmp_crypto_info.version != TLS_1_2_VERSION) {
-		rc = -ENOTSUPP;
-		goto out;
-	}
-
 	/* get user crypto info */
 	crypto_info = &ctx->crypto_send;
 
@@ -382,6 +376,12 @@ static int do_tls_setsockopt_tx(struct sock *sk, char __user *optval,
 			rc = -EFAULT;
 			goto err_crypto_info;
 		}
+
+		/* check version */
+		if (crypto_info->version != TLS_1_2_VERSION) {
+			rc = -ENOTSUPP;
+			goto err_crypto_info;
+		}
 		break;
 	}
 	default:
-- 
2.7.4

^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [PATCH] net/tls: move version check after second userspace fetch
  2017-09-24 15:14 [PATCH] net/tls: move version check after second userspace fetch Meng Xu
@ 2017-09-26 18:37 ` David Miller
  0 siblings, 0 replies; 2+ messages in thread
From: David Miller @ 2017-09-26 18:37 UTC (permalink / raw)
  To: mengxu.gatech
  Cc: ilyal, aviadye, davejwatson, netdev, linux-kernel, meng.xu,
	sanidhya, taesoo

From: Meng Xu <mengxu.gatech@gmail.com>
Date: Sun, 24 Sep 2017 11:14:55 -0400

> @@ -382,6 +376,12 @@ static int do_tls_setsockopt_tx(struct sock *sk, char __user *optval,
>  			rc = -EFAULT;
>  			goto err_crypto_info;
>  		}
> +
> +		/* check version */
> +		if (crypto_info->version != TLS_1_2_VERSION) {
> +			rc = -ENOTSUPP;
> +			goto err_crypto_info;
> +		}
>  		break;
>  	}
>  	default:
> -- 
> 2.7.4
> 

Please, again, deduce this into a single userspace copy.  Otherwise we're going to
add this check for every cipher we add new support for.

Copy the on-stack crypto info ("tmp_crypto_info") into 'crypto_info' and then
bring in from userspace any further bytes that need to be copied.

That guarantees that the version will not change, and the existing check can
stay where it is.

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2017-09-26 18:37 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-09-24 15:14 [PATCH] net/tls: move version check after second userspace fetch Meng Xu
2017-09-26 18:37 ` David Miller

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).