[PATCH] iproute2/misc: do not mix CFLAGS with LDFLAGS

2017-08-04 Thread Marcus Meissner
During linking, do not use CFLAGS. This avoids clashes when doing PIE builds.
---
 misc/Makefile | 16 
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/misc/Makefile b/misc/Makefile
index 72807678..1d86c44d 100644
--- a/misc/Makefile
+++ b/misc/Makefile
@@ -23,17 +23,17 @@ all: $(TARGETS)
 ss: $(SSOBJ)
$(QUIET_LINK)$(CC) $^ $(LDFLAGS) $(LDLIBS) -o $@
 
-nstat: nstat.c
-   $(QUIET_CC)$(CC) $(CFLAGS) $(LDFLAGS) -o nstat nstat.c $(LIBNETLINK) -lm
+nstat: nstat.o
+   $(QUIET_CC)$(CC) $(LDFLAGS) -o nstat nstat.o $(LIBNETLINK) -lm
 
-ifstat: ifstat.c
-   $(QUIET_CC)$(CC) $(CFLAGS) $(LDFLAGS) -o ifstat ifstat.c $(LIBNETLINK) 
-lm
+ifstat: ifstat.o
+   $(QUIET_CC)$(CC) $(LDFLAGS) -o ifstat ifstat.o $(LIBNETLINK) -lm
 
-rtacct: rtacct.c
-   $(QUIET_CC)$(CC) $(CFLAGS) $(LDFLAGS) -o rtacct rtacct.c $(LIBNETLINK) 
-lm
+rtacct: rtacct.o
+   $(QUIET_CC)$(CC) $(LDFLAGS) -o rtacct rtacct.o $(LIBNETLINK) -lm
 
-arpd: arpd.c
-   $(QUIET_CC)$(CC) $(CFLAGS) -I$(DBM_INCLUDE) $(LDFLAGS) -o arpd arpd.c 
$(LIBNETLINK) -ldb -lpthread
+arpd: arpd.o
+   $(QUIET_CC)$(CC) $(LDFLAGS) -o arpd arpd.o $(LIBNETLINK) -ldb -lpthread
 
 ssfilter.c: ssfilter.y
$(QUIET_YACC)bison ssfilter.y -o ssfilter.c
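Review bot: In the arpd rule, -I$(DBM_INCLUDE) is dropped together with $(CFLAGS), and nothing in this hunk passes it to the compile step that now has to produce arpd.o. Unless the include path reaches that compile some other way, arpd.c will stop finding the db headers when DBM_INCLUDE points at a non-default location; a target-specific line such as `arpd.o: CFLAGS += -I$(DBM_INCLUDE)` would keep it. The four link recipes also still print through $(QUIET_CC); $(QUIET_LINK), which the ss rule just above uses, would match what they now do.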
-- 
2.12.3



Re: [oss-security] Linux kernel ping socket / AF_LLC connect() sin_family race

2017-04-04 Thread Marcus Meissner
Hi,

did anyone request a CVE yet?

Ciao, Marcus

On Sat, Mar 25, 2017 at 01:10:57AM +0100, Solar Designer wrote:
> On Fri, Mar 24, 2017 at 03:21:06PM -0700, Eric Dumazet wrote:
> > Looks easy enough to fix ?
> 
> Oh.  Probably.  Thanks.  Need to test, but I guess you already did?
> 
> > diff --git a/net/ipv4/ping.c b/net/ipv4/ping.c
> > index
> > 2af6244b83e27ae384e96cf071c10c5a89674804..ccfbce13a6333a65dab64e4847dd510dfafb1b43
> > 100644
> > --- a/net/ipv4/ping.c
> > +++ b/net/ipv4/ping.c
> > @@ -156,17 +156,18 @@ int ping_hash(struct sock *sk)
> >  void ping_unhash(struct sock *sk)
> >  {
> > struct inet_sock *isk = inet_sk(sk);
> > +
> > pr_debug("ping_unhash(isk=%p,isk->num=%u)\n", isk, isk->inet_num);
> > +   write_lock_bh(_table.lock);
> > if (sk_hashed(sk)) {
> > -   write_lock_bh(_table.lock);
> > hlist_nulls_del(>sk_nulls_node);
> > sk_nulls_node_init(>sk_nulls_node);
> > sock_put(sk);
> > isk->inet_num = 0;
> > isk->inet_sport = 0;
> > sock_prot_inuse_add(sock_net(sk), sk->sk_prot, -1);
> > -   write_unlock_bh(_table.lock);
> > }
> > +   write_unlock_bh(_table.lock);
> >  }
> >  EXPORT_SYMBOL_GPL(ping_unhash);
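Review bot: The pr_debug() at the top of ping_unhash() still reads isk->inet_num before write_lock_bh() is taken, so with the concurrent callers this change guards against it can log a value that is being cleared at the same moment. Moving the pr_debug() below the lock acquisition, or dropping inet_num from it, would leave the function reading the socket's hash state only under the lock.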
> 
> FWIW, in Pavel's original implementation for 2.4.32 (unused), this was:
> 
> static void ping_v4_unhash(struct sock *sk)
> {
>   DEBUG(("ping_v4_unhash(sk=%p,sk->num=%u)\n", sk, sk->num));
>   write_lock_bh(_hash_lock);
>   if (sk->pprev) {
>   if (sk->next)
>  sk->next->pprev = sk->pprev;
>   *sk->pprev = sk->next;
>   sk->pprev = NULL;
>   sk->num = 0;
>   sock_prot_dec_use(sk->prot);
>   __sock_put(sk);
>   }
>   write_unlock_bh(_hash_lock);
> }
> 
> Looks like the erroneous optimization (not expecting concurrent activity
> on the same socket?) was introduced during conversion to 2.6's hlists.
> 
> So far this cursed function had 3 bugs, two of them security (including
> this one) and one probably benign (or if not, then effectively a subset
> of this bug as it performed some unneeded / stale debugging work before
> acquiring the lock), with all 3 introduced in forward-porting.  Maybe
> the nature of forward-porting activity makes people relatively
> inattentive ("compiles with the new interfaces and still works? must be
> correct"), compared to when writing new code.
> 
> Anyhow, I share some responsibility for this mess, for having advocated
> this patch being forward-ported and merged back then.  I still like
> having this functionality and its userspace security benefits... but I
> don't like the kernel bugs.
> 
> Alexander
> 

-- 
Marcus Meissner,SUSE LINUX GmbH; Maxfeldstrasse 5; D-90409 Nuernberg; Zi. 
3.1-33,+49-911-740 53-432,,serv=loki,mail=wotan,type=real <meiss...@suse.de>


[PATCH] use correct array index. (array is just 6 bytes long)

2007-08-16 Thread Marcus Meissner
From: Marcus Meissner [EMAIL PROTECTED]

Use correct array index (goes from 0-6 instead of 10-16).

Signed-Off-By: Marcus Meissner [EMAIL PROTECTED]
---
 drivers/net/tokenring/3c359.c |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/drivers/net/tokenring/3c359.c b/drivers/net/tokenring/3c359.c
index 9f1b6ab..5e2437e 100644
--- a/drivers/net/tokenring/3c359.c
+++ b/drivers/net/tokenring/3c359.c
@@ -763,7 +763,7 @@ static int xl_open_hw(struct net_device
if (xl_priv-xl_laa[0]) {  /* If using a LAA address */
for (i=10;i16;i++) { 
writel( (MEM_BYTE_WRITE | 0xD | xl_priv-srb) + i, 
xl_mmio + MMIO_MAC_ACCESS_CMD) ; 
-   writeb(xl_priv-xl_laa[i],xl_mmio + MMIO_MACDATA) ; 
+   writeb(xl_priv-xl_laa[i-10],xl_mmio + MMIO_MACDATA) ;
}
memcpy(dev-dev_addr,xl_priv-xl_laa,dev-addr_len) ; 
} else { /* Regular hardware address */ 
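Review bot: With the new subscript xl_laa[i-10], the literal 10 appears in both the loop start and the index, and the access stays in bounds only while the two are kept in sync. Running the loop over the array's own range and adding the 10 to the SRB offset in the writel() would make the bound obvious; the memcpy() just below already uses dev->addr_len for the same array. The commit message's "0-6" also reads as seven elements for what the subject calls a 6-byte array; "0-5" would match.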
-- 
1.4.3.4