Re: 'skb' buffer address information leakage

From: Jakub Kicinski
Date: Tue Jul 04 2017 - 01:27:58 EST

Next message: Juergen Gross: "Re: [Xen-devel] [PATCH] xen/balloon: don't online new memory initially"
Previous message: Sergey Senozhatsky: "Re: [RFC][PATCHv3 2/5] printk: introduce printing kernel thread"
In reply to: Dison River: "'skb' buffer address information leakage"
Next in thread: Greg KH: "Re: 'skb' buffer address information leakage"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 4 Jul 2017 13:12:18 +0800, Dison River wrote:
> drivers/net/ethernet/netronome/nfp/nfp_net_debugfs.c:167
> seq_printf(file, " frag=%p", skb);

FWIW that's actually not a skb pointer. The structure is defined like
this:

struct nfp_net_tx_buf {
union {
struct sk_buff *skb;
void *frag;
};
dma_addr_t dma_addr;
short int fidx;
u16 pkt_cnt;
u32 real_len;
};

So the line in question is actually reading the frag pointer, I just
reused the skb variable, because this has to be read via READ_ONCE()
and NULL-checked so I thought that doing it separately for skb and
frag is a waste of LOC especially in debug code. I will queue up a
clean up for after the merge window.

Thanks!

Next message: Juergen Gross: "Re: [Xen-devel] [PATCH] xen/balloon: don't online new memory initially"
Previous message: Sergey Senozhatsky: "Re: [RFC][PATCHv3 2/5] printk: introduce printing kernel thread"
In reply to: Dison River: "'skb' buffer address information leakage"
Next in thread: Greg KH: "Re: 'skb' buffer address information leakage"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]