kernel / kernel-source

Clone
Source Code
GIT

Blame patches.kabi/sock_cgroup_data-kabi-fix.patch

ALP-current ALP-current-GA ALP-current-RT ALP-current-RT-GA SLE12-SP5 SLE12-SP5-AZURE SLE12-SP5-RT SLE15-SP2-EB SLE15-SP3-RT-LTSS SLE15-SP4-RT-LTSS SLE15-SP5 SLE15-SP5-AZURE SLE15-SP5-RT SLE15-SP6 SLE15-SP6-AZURE SLE15-SP6-AZURE-GA SLE15-SP6-GA SLE15-SP6-RT SLE15-SP6-RT-GA linux-next master packaging scripts slowroll stable vanilla
  1.   SLE12-SP5
  2.   patches.kabi
  3.   sock_cgroup_data-kabi-fix.patch
Blob History Raw
Michal Koutný 34c74f 
From: Michal Koutný <mkoutny@suse.com>
Michal Koutný 34c74f 
Subject: KABI fix for sock_cgroup_data
Michal Koutný 34c74f 
References: bsc#1175213 CVE-2020-14356
Michal Koutný 34c74f 
Patch-mainline: Never, KABI fix
Michal Koutný 34c74f
Michal Koutný 34c74f
Michal Koutný 34c74f 
The commit ad0f75e5f57 ("cgroup: fix cgroup_sk_alloc() for sk_clone_lock()")
Michal Koutný 34c74f 
uses new bit of the u8 member in sock_cgroup_data. This new bit is placed to a
Michal Koutný 34c74f 
previously unused bit offset (within u8) and the boolean is_data member is
Michal Koutný 34c74f 
preserved.
Michal Koutný 34c74f
Michal Koutný 34c74f 
The struct sock_cgroup_data is supposed to be used directly only by the cgroup
Michal Koutný 34c74f 
core and net_cls or net_prio controllers. So we hide the layout change with
Michal Koutný 34c74f 
__GENKSYMS__.
Michal Koutný 34c74f
Michal Koutný 34c74f 
The issue is with no_refcnt,is_data = 0x2 and some users only checking val == 0
Michal Koutný 34c74f 
or is_data (not a bitfield) == 0 should be mitigated in any 3rd party code by
Michal Koutný 34c74f 
proper usage of sock_cgroup_{classid,prioidx,ptr} accessors (who applied
Michal Koutný 34c74f 
bitmask even before the changes).
Michal Koutný 34c74f
Michal Koutný 34c74f 
---
Michal Koutný 34c74f 
 include/linux/cgroup-defs.h |    8 ++++++++
Michal Koutný 34c74f 
 1 file changed, 8 insertions(+)
Michal Koutný 34c74f
Michal Koutný 34c74f 
--- a/include/linux/cgroup-defs.h
Michal Koutný 34c74f 
+++ b/include/linux/cgroup-defs.h
Michal Koutný 34c74f 
@@ -797,9 +797,13 @@ struct sock_cgroup_data {
Michal Koutný 34c74f 
 	union {
Michal Koutný 34c74f 
 #ifdef __LITTLE_ENDIAN
Michal Koutný 34c74f 
 		struct {
Michal Koutný 34c74f 
+#ifdef __GENKSYMS__
Michal Koutný 34c74f 
+			u8	is_data;
Michal Koutný 34c74f 
+#else
Michal Koutný 34c74f 
 			u8	is_data : 1;
Michal Koutný 34c74f 
 			u8	no_refcnt : 1;
Michal Koutný 34c74f 
 			u8	unused : 6;
Michal Koutný 34c74f 
+#endif
Michal Koutný 34c74f 
 			u8	padding;
Michal Koutný 34c74f 
 			u16	prioidx;
Michal Koutný 34c74f 
 			u32	classid;
Michal Koutný 34c74f 
@@ -809,9 +813,13 @@ struct sock_cgroup_data {
Michal Koutný 34c74f 
 			u32	classid;
Michal Koutný 34c74f 
 			u16	prioidx;
Michal Koutný 34c74f 
 			u8	padding;
Michal Koutný 34c74f 
+#ifdef __GENKSYMS__
Michal Koutný 34c74f 
+			u8	is_data;
Michal Koutný 34c74f 
+#else
Michal Koutný 34c74f 
 			u8	unused : 6;
Michal Koutný 34c74f 
 			u8	no_refcnt : 1;
Michal Koutný 34c74f 
 			u8	is_data : 1;
Michal Koutný 34c74f 
+#endif
Michal Koutný 34c74f 
 		} __packed;
Michal Koutný 34c74f 
 #endif
Michal Koutný 34c74f 
 		u64		val;
Powered by Pagure 5.13.3
DocumentationAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.