> -----Original Message----- > From: Leon Romanovsky [mailto:leon@xxxxxxxxxx] > Sent: Monday, October 23, 2017 2:04 PM > To: Doug Ledford <dledford@xxxxxxxxxx> > Cc: Ruhl, Michael J <michael.j.ruhl@xxxxxxxxx>; Torvalds, Linus <torvalds@linux- > foundation.org>; linux-rdma@xxxxxxxxxxxxxxx > Subject: Re: [PATCH] RDMA/netlink: OOPs in rdma_nl_rcv_msg() from > misinterpreted flag > > On Mon, Oct 23, 2017 at 01:39:44PM -0400, Doug Ledford wrote: > > On Mon, 2017-10-23 at 20:12 +0300, Leon Romanovsky wrote: > > > On Mon, Oct 23, 2017 at 10:49:24AM -0400, Doug Ledford wrote: > > > > On 10/23/2017 4:11 AM, Leon Romanovsky wrote: > > > Doug, > > > > > > It has very little related to security here. The RDMA_NL_LS netlink > > > operations require CAP_NET_ADMIN capability set and it is checked > > > before > > > calling any callback. > > > > I disagree. In this particular case, it wasn't a nefarious user, it > > was a simple misconfiguration that cause the kernel to oops. So even > > if you have CAP_NET_ADMIN, you still don't want a user space issue to > > oops the kernel. If you simply don't allow it to happen, then whether > > the CAP_NET_ADMIN program has been compromised by a black hat user is > > irrelevant. That seems the right way to be to me. > > OK, fix exists and if you want to call it "security issue", let's call it so. > > Despite the fact that root misconfigured the system, root run the program, > root crashed the system, like all over kernel oops we are seeing in linux kernel. > > Thanks I did repeat this once without the misconfiguration. The scenario was that I had that a local (ibacm client 0) did a look up, got an error, and the system crashed. I have been trying to remember what I did, but haven't repeated it a second time. I will see if I can figure out how to make it happen again. M > > > > -- > > Doug Ledford <dledford@xxxxxxxxxx> > > GPG KeyID: B826A3330E572FDD > > Key fingerprint = AE6B 1BDA 122B 23B4 265B 1274 B826 A333 0E57 2FDD > > -- To unsubscribe from this list: send the line "unsubscribe linux-rdma" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
