From patchwork Mon Jul 1 17:02:12 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bethany Jamison X-Patchwork-Id: 1954856 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com (client-ip=185.125.189.65; helo=lists.ubuntu.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=patchwork.ozlabs.org) Received: from lists.ubuntu.com (lists.ubuntu.com [185.125.189.65]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4WCXQy6mcKz1xpk for ; Tue, 2 Jul 2024 03:02:34 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=lists.ubuntu.com) by lists.ubuntu.com with esmtp (Exim 4.86_2) (envelope-from ) id 1sOKQ0-0002IJ-36; Mon, 01 Jul 2024 17:02:20 +0000 Received: from smtp-relay-internal-1.internal ([10.131.114.114] helo=smtp-relay-internal-1.canonical.com) by lists.ubuntu.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1sOKPz-0002IC-3C for kernel-team@lists.ubuntu.com; Mon, 01 Jul 2024 17:02:19 +0000 Received: from mail-il1-f198.google.com (mail-il1-f198.google.com [209.85.166.198]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id C25313F4BE for ; Mon, 1 Jul 2024 17:02:18 +0000 (UTC) Received: by mail-il1-f198.google.com with SMTP id e9e14a558f8ab-3762b8b440cso40233545ab.0 for ; Mon, 01 Jul 2024 10:02:18 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1719853337; x=1720458137; h=content-transfer-encoding:mime-version:message-id:date:subject:to :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=/2L8HF3TJ4g7mBGYUrRqriZe5vnsnnHfDRmmzsfHbfI=; b=wcR+efxqvRtFyo7FH2ZzRmqGcR0eXsPK1hayT/a1V/DXR29w6sYsx4bvkQSyo27y8g m1iZas/myDXxjVK0BHrEkvlYaIdzF4zU/6gZdasp+e7UYskPoMhnVsKf/ore8j3hiafH u78NlfULKlbBpvtyGxJQalMVg3/NwC78g5iuh0vPhH5GwgrjnKzi3caL7shaoZ1a2qW+ if5n4tHiGOLlQIW7fYWWWYq79kXA7e4a2EGXnVINTWAN0etMeSmloDeYJ+8YuSqLb1YK +VREt5rlxURvfrQsIo0WziSA6is2IEBp9h5Wyll+uadIzgYjuLfXMhVFL/m6lJSwRSSn cJ8Q== X-Gm-Message-State: AOJu0YxZP5VtrWnntPfdfh95CooN2URGzEfni3D4XYMP+goJj/+32ONM B7sVhShk4nOUlmLOPVsR4z8vwQoZNQHfV3/waJsC34nHhk4cbJN6IqjqNMPIKblFi0FCOJTG4c5 qOiB1AaO7/1Wh8Igwa8Dh3qLesifV5DctVQoABdjZ7lYy0ELVWXfD6gKzscH6cC64jX2ag+sABz sWoxCZ8L4ZmA== X-Received: by 2002:a05:6e02:214c:b0:375:b45c:d8f1 with SMTP id e9e14a558f8ab-37cd2bedcedmr96520095ab.25.1719853337074; Mon, 01 Jul 2024 10:02:17 -0700 (PDT) X-Google-Smtp-Source: AGHT+IH5gQbpYpzowBpEJtUcGqQ2tE5C3lef3qk+petyf8FaofFslIsDijDM3gk/gYFY56AEdf1BPA== X-Received: by 2002:a05:6e02:214c:b0:375:b45c:d8f1 with SMTP id e9e14a558f8ab-37cd2bedcedmr96519905ab.25.1719853336690; Mon, 01 Jul 2024 10:02:16 -0700 (PDT) Received: from smtp.gmail.com (167-248-51-36.oa02.lnk04.ne.dynamic.allophone.net. [167.248.51.36]) by smtp.gmail.com with ESMTPSA id e9e14a558f8ab-37ad29814d9sm19744055ab.21.2024.07.01.10.02.16 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 01 Jul 2024 10:02:16 -0700 (PDT) From: Bethany Jamison To: kernel-team@lists.ubuntu.com Subject: [SRU][J][PATCH v2 0/3] CVE-2024-27017 Date: Mon, 1 Jul 2024 12:02:12 -0500 Message-Id: <20240701170215.17623-1-bethany.jamison@canonical.com> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" [Impact] netfilter: nft_set_pipapo: walk over current view on netlink dump The generation mask can be updated while netlink dump is in progress. The pipapo set backend walk iterator cannot rely on it to infer what view of the datastructure is to be used. Add notation to specify if user wants to read/update the set. Based on patch from Florian Westphal. [Fix] Noble: pending Jammy: Clean cherry-pick for prereq commit, Backport fix commit for context conflict with neighboring function that shouldn't impact this cve, fix applied as given, (v2) added additional fix commit with a clean cherry-pick Focal: not affected Bionic: not affected Xenial: not affected Trusty: not affected [Test Case] Compile and boot tested [Where problems could occur] This fix affects those who use the netfilter framework, an issue with this fix would be visible to the user via unexpected system behavior. v2: added follow up fix commit found by Manuel efefd4f00c96 netfilter: nf_tables: missing iterator type in lookup walk Florian Westphal (1): netfilter: nft_set_pipapo: constify lookup fn args where possible Pablo Neira Ayuso (2): netfilter: nft_set_pipapo: walk over current view on netlink dump netfilter: nf_tables: missing iterator type in lookup walk include/net/netfilter/nf_tables.h | 13 +++++++ net/netfilter/nf_tables_api.c | 6 +++ net/netfilter/nft_lookup.c | 1 + net/netfilter/nft_set_pipapo.c | 24 +++++++----- net/netfilter/nft_set_pipapo.h | 6 +-- net/netfilter/nft_set_pipapo_avx2.c | 59 +++++++++++++++++------------ 6 files changed, 72 insertions(+), 37 deletions(-) Acked-by: Manuel Diewald Acked-by: Kuba Pawlak