Received: by 2002:a05:6a10:a841:0:0:0:0 with SMTP id d1csp589455pxy; Wed, 21 Apr 2021 09:58:07 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzxqUlnqBBlv3aDg7BOX7N03viMdKWMUJoo4hH18F/EA56FO5wH/r4S6NbN2iL6cMFWZfkP X-Received: by 2002:a17:906:524f:: with SMTP id y15mr33462554ejm.65.1619024287641; Wed, 21 Apr 2021 09:58:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1619024287; cv=none; d=google.com; s=arc-20160816; b=Nxn8CfAbwLG2aiMdAL9uDRtTcHioRmnh87GyvAJiXIMCUEzpgSHTjFh2TJkEs9EvPm /cP40DZ3co5sNYn0jU2cWlThfZh5iCiI18WiWxIwoTaGsQykyamdgjIUYvkcU9X/0SuI StKmLqhDO0ZpAZ+5WPBc0Dt+JsxyLK/Mw/ML2NvuPyMo7mjkpegDI1xJVrfUU1nQBgH7 aAJSg9QqA5Qo/WR1Kzn4dZWfSieL08RXzqnJFtVwbVEwhKcBfKCK5+v8jykXwfbEncfy r/cHS8wIjvBgiafwmDV17mwzh1m4S7C2a7gSntcvJaK7+jCLhf3tGmX31+OVOyRpvcyg +THg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=vkMUhEeAPnyWvcJtTwmCD5pkVfx29dcWbpo6bgoKd4Y=; b=rkZt3DqRMb26d4uJdDC1gvbg+RwReq+DvY/m6qM0eITkWze7QLW3KBkP4jF+EP4FXW Ndt/stKFLr/DQZkL/++tQtOKTELBZ0sqk+b8acOlqU/UadmYx+8Q41274MAw1yF5WQMb VabE5E3ecH2i+D7hTIHqk2tsP3Ycj1JQQrzYS1qmMcQpPCZfMT6dH9JfDGNdzcHI6g+F 6JANn8ZIH0ml7kQkgUXbMsFbQ9A2pSyG5fR3ChOjOP9VXOthwpASjcKa1rJERuFIlr4Y 71EQHa/IDxT8MlRh5QUTS3/tpEB0YlxIqVi5Mk2fO8nMeNpkYYHIipaRuyl4zHWIl40U 8Nfw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=NyI4P1TE; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id b11si2429703edx.171.2021.04.21.09.57.44; Wed, 21 Apr 2021 09:58:07 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=NyI4P1TE; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S242355AbhDUNTX (ORCPT + 99 others); Wed, 21 Apr 2021 09:19:23 -0400 Received: from mail.kernel.org ([198.145.29.99]:52688 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S242253AbhDUNJ6 (ORCPT ); Wed, 21 Apr 2021 09:09:58 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 858BA61440; Wed, 21 Apr 2021 13:09:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1619010564; bh=7JmVUAZ7giIE4HFNf49LkOz7t12ZepTbU4f9xj1i5CI=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=NyI4P1TEtpzUBQgRFTGdGHAFHd5M1XJxQyqo842zRUUwB4kEU47BtwdImiu5/ktjr TyAgEXE6R0vwA2GZvpKRcMpec1oRLE/NAygfXKecasWngBfyb9cWYP2d34dIuPMAKi iH8jCElNOYDuDUWXw3rY2FdYA35KWXAmflJ8UvZ0= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , Wenwen Wang , "David S . Miller" Subject: [PATCH 180/190] Revert "net: socket: fix a missing-check bug" Date: Wed, 21 Apr 2021 15:00:55 +0200 Message-Id: <20210421130105.1226686-181-gregkh@linuxfoundation.org> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210421130105.1226686-1-gregkh@linuxfoundation.org> References: <20210421130105.1226686-1-gregkh@linuxfoundation.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This reverts commit b6168562c8ce2bd5a30e213021650422e08764dc. Commits from @umn.edu addresses have been found to be submitted in "bad faith" to try to test the kernel community's ability to review "known malicious" changes. The result of these submissions can be found in a paper published at the 42nd IEEE Symposium on Security and Privacy entitled, "Open Source Insecurity: Stealthily Introducing Vulnerabilities via Hypocrite Commits" written by Qiushi Wu (University of Minnesota) and Kangjie Lu (University of Minnesota). Because of this, all submissions from this group must be reverted from the kernel tree and will need to be re-reviewed again to determine if they actually are a valid fix. Until that work is complete, remove this change to ensure that no problems are being introduced into the codebase. Cc: Wenwen Wang Cc: David S. Miller Signed-off-by: Greg Kroah-Hartman --- net/socket.c | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/net/socket.c b/net/socket.c index 84a8049c2b09..d4176362a27b 100644 --- a/net/socket.c +++ b/net/socket.c @@ -3182,14 +3182,9 @@ static int ethtool_ioctl(struct net *net, struct compat_ifreq __user *ifr32) copy_in_user(&rxnfc->fs.ring_cookie, &compat_rxnfc->fs.ring_cookie, (void __user *)(&rxnfc->fs.location + 1) - - (void __user *)&rxnfc->fs.ring_cookie)) - return -EFAULT; - if (ethcmd == ETHTOOL_GRXCLSRLALL) { - if (put_user(rule_cnt, &rxnfc->rule_cnt)) - return -EFAULT; - } else if (copy_in_user(&rxnfc->rule_cnt, - &compat_rxnfc->rule_cnt, - sizeof(rxnfc->rule_cnt))) + (void __user *)&rxnfc->fs.ring_cookie) || + copy_in_user(&rxnfc->rule_cnt, &compat_rxnfc->rule_cnt, + sizeof(rxnfc->rule_cnt))) return -EFAULT; } -- 2.31.1