redonkable/freescale-linux-fslc
redonkable/freescale-linux-fslc
1
0
Fork 0
Code Releases Activity
Fork of Freescale Linux kernel for reMarkable2 https://github.com/Freescale/linux-fslc
676172 commits 64 branches 0 tags 3.9 GiB
C 97.7%
Assembly 1.3%
Shell 0.3%
Makefile 0.3%
Python 0.1%
Other 0.1%
Go to file
Willem de Bruijn 324318f024 netfilter: xtables: zero padding in data_to_user 
When looking up an iptables rule, the iptables binary compares the
aligned match and target data (XT_ALIGN). In some cases this can
exceed the actual data size to include padding bytes.

Before commit f77bc5b23f ("iptables: use match, target and data
copy_to_user helpers") the malloc()ed bytes were overwritten by the
kernel with kzalloced contents, zeroing the padding and making the
comparison succeed. After this patch, the kernel copies and clears
only data, leaving the padding bytes undefined.

Extend the clear operation from data size to aligned data size to
include the padding bytes, if any.

Padding bytes can be observed in both match and target, and the bug
triggered, by issuing a rule with match icmp and target ACCEPT:

  iptables -t mangle -A INPUT -i lo -p icmp --icmp-type 1 -j ACCEPT
  iptables -t mangle -D INPUT -i lo -p icmp --icmp-type 1 -j ACCEPT

Fixes: f77bc5b23f ("iptables: use match, target and data copy_to_user helpers")
Reported-by: Paul Moore <pmoore@redhat.com>
Reported-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2017-05-15 12:51:38 +02:00
arch bpf, arm64: fix faulty emission of map access in tail calls 2017-05-11 12:41:31 -04:00
block Merge branch 'for-linus' of git://git.kernel.dk/linux-block 2017-05-06 11:25:08 -07:00
certs scripts/spelling.txt: add "intialise(d)" pattern and fix typo instances 2017-05-08 17:15:13 -07:00
crypto treewide: use kv[mz]alloc* rather than opencoded variants 2017-05-08 17:15:13 -07:00
Documentation dmaengine updates for 4.12-rc1 2017-05-09 15:40:28 -07:00
drivers vmxnet3: ensure that adapter is in proper state during force_close 2017-05-12 12:23:52 -04:00
firmware firmware/Makefile: force recompilation if makefile changes 2017-05-08 17:15:10 -07:00
fs Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-05-09 09:12:53 -07:00
include netfilter: xtables: zero padding in data_to_user 2017-05-15 12:51:38 +02:00
init TTY/Serial patches for 4.12-rc1 2017-05-08 18:49:23 -07:00
ipc mm: introduce kv[mz]alloc helpers 2017-05-08 17:15:12 -07:00
kernel bpf: Handle multiple variable additions into packet pointers in verifier. 2017-05-11 19:48:58 -07:00
lib dmaengine updates for 4.12-rc1 2017-05-09 15:40:28 -07:00
mm Merge branch 'work.iov_iter' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-05-09 09:01:21 -07:00
net netfilter: xtables: zero padding in data_to_user 2017-05-15 12:51:38 +02:00
samples samples/bpf: run cleanup routines when receiving SIGTERM 2017-05-11 21:43:30 -04:00
scripts treewide: spelling: correct diffrent[iate] and banlance typos 2017-05-08 17:15:13 -07:00
security Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-05-09 09:12:53 -07:00
sound alsa: use set_memory.h header 2017-05-08 17:15:14 -07:00
tools bpf: Handle multiple variable additions into packet pointers in verifier. 2017-05-11 19:48:58 -07:00
usr initramfs: provide a way to ignore image provided by bootloader 2017-05-08 17:15:12 -07:00
virt Merge branch 'akpm' (patches from Andrew) 2017-05-08 18:17:56 -07:00
.cocciconfig scripts: add Linux .cocciconfig for coccinelle 2016-07-22 12:13:39 +02:00
.get_maintainer.ignore Add hch to .get_maintainer.ignore 2015-08-21 14:30:10 -07:00
.gitattributes .gitattributes: set git diff driver for C source code files 2016-10-07 18:46:30 -07:00
.gitignore Merge branch 'misc' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild 2016-08-02 16:48:52 -04:00
.mailmap Staging/IIO patches for 4.12-rc1 2017-05-05 18:16:23 -07:00
COPYING
CREDITS avr32: remove support for AVR32 architecture 2017-05-01 09:27:15 +02:00
Kbuild scripts/gdb: provide linux constants 2016-05-23 17:04:14 -07:00
Kconfig
MAINTAINERS ARM: SoC 64-bit changes 2017-05-09 10:04:17 -07:00
Makefile make help: add tools help target 2017-05-08 17:15:10 -07:00
README README: add a new README file, pointing to the Documentation/ 2016-10-24 08:12:35 -02:00

README 

Linux kernel
============

This file was moved to Documentation/admin-guide/README.rst

Please notice that there are several guides for kernel developers and users.
These guides can be rendered in a number of formats, like HTML and PDF.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.
See Documentation/00-INDEX for a list of what is contained in each file.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.