mbox series

[net,0/4] net: mctp: struct sock lifetime fixes

Message ID 20230124020106.743966-1-jk@codeconstruct.com.au (mailing list archive)
Headers show
Series net: mctp: struct sock lifetime fixes | expand

Message

Jeremy Kerr Jan. 24, 2023, 2:01 a.m. UTC 
This series is a set of fixes for the sock lifetime handling in the
AF_MCTP code, fixing a uaf reported by Noam Rathaus
<noamr@ssd-disclosure.com>.

The Fixes: tags indicate the original patches affected, but some
tweaking to backport to those commits may be needed; I have a separate
branch with backports to 5.15 if that helps with stable trees.

Of course, any comments/queries most welcome.

Cheers,


Jeremy

---


Jeremy Kerr (3):
  net: mctp: add an explicit reference from a mctp_sk_key to sock
  net: mctp: move expiry timer delete to unhash
  net: mctp: mark socks as dead on unhash, prevent re-add

Paolo Abeni (1):
  net: mctp: hold key reference when looking up a general key

 net/mctp/af_mctp.c | 10 +++++++---
 net/mctp/route.c   | 34 +++++++++++++++++++++-------------
 2 files changed, 28 insertions(+), 16 deletions(-)

Comments

patchwork-bot+netdevbpf@kernel.org Jan. 25, 2023, 1:10 p.m. UTC | #1 
Hello:

This series was applied to netdev/net.git (master)
by David S. Miller <davem@davemloft.net>:

On Tue, 24 Jan 2023 10:01:02 +0800 you wrote:
> This series is a set of fixes for the sock lifetime handling in the
> AF_MCTP code, fixing a uaf reported by Noam Rathaus
> <noamr@ssd-disclosure.com>.
> 
> The Fixes: tags indicate the original patches affected, but some
> tweaking to backport to those commits may be needed; I have a separate
> branch with backports to 5.15 if that helps with stable trees.
> 
> [...]

Here is the summary with links:
  - [net,1/4] net: mctp: add an explicit reference from a mctp_sk_key to sock
    https://git.kernel.org/netdev/net/c/de8a6b15d965
  - [net,2/4] net: mctp: move expiry timer delete to unhash
    https://git.kernel.org/netdev/net/c/5f41ae6fca9d
  - [net,3/4] net: mctp: hold key reference when looking up a general key
    https://git.kernel.org/netdev/net/c/6e54ea37e344
  - [net,4/4] net: mctp: mark socks as dead on unhash, prevent re-add
    https://git.kernel.org/netdev/net/c/b98e1a04e27f

You are awesome, thank you!