Piteball
/
android_kernel_samsung_msm8976
mirror of https://github.com/team-infusion-developers/android_kernel_samsung_msm8976.git
1
1
Fork 0
Code Issues Projects Releases Wiki Activity
android_kernel_samsung_msm8976/include/net/netns
History
Eric Dumazet b01a8531d0 netns: provide pure entropy for net_hash_mix() 
[ Upstream commit 355b98553789b646ed97ad801a619ff898471b92 ]

net_hash_mix() currently uses kernel address of a struct net,
and is used in many places that could be used to reveal this
address to a patient attacker, thus defeating KASLR, for
the typical case (initial net namespace, &init_net is
not dynamically allocated)

I believe the original implementation tried to avoid spending
too many cycles in this function, but security comes first.

Also provide entropy regardless of CONFIG_NET_NS.

Fixes: 0b4419162a ("netns: introduce the net_hash_mix "salt" for hashes")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: Amit Klein <aksecurity@gmail.com>
Reported-by: Benny Pinkas <benny@pinkas.net>
Cc: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2019-07-27 22:10:05 +02:00
..
conntrack.h
core.h
dccp.h
generic.h
hash.h netns: provide pure entropy for net_hash_mix() 2019-07-27 22:10:05 +02:00
ipv4.h
ipv6.h netfilter: ipv6: nf_defrag: reduce struct net memory waste 2019-07-27 21:52:53 +02:00
mib.h
netfilter.h
packet.h
sctp.h sctp: fix ASCONF list handling 2015-10-01 12:07:34 +02:00
unix.h
x_tables.h
xfrm.h