Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932748Ab1DZV1J (ORCPT ); Tue, 26 Apr 2011 17:27:09 -0400 Received: from mga11.intel.com ([192.55.52.93]:60554 "EHLO mga11.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932329Ab1DZVOd (ORCPT ); Tue, 26 Apr 2011 17:14:33 -0400 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="4.64,270,1301900400"; d="scan'208";a="684327311" From: Andi Kleen References: <20110426212.641772347@firstfloor.org> In-Reply-To: <20110426212.641772347@firstfloor.org> To: drosenberg@vsecurity.com, socketcan@hartkopp.net, davem@davemloft.net, ak@linux.intel.com, jmm@debian.org, gregkh@suse.de, linux-kernel@vger.kernel.org, stable@kernel.org, tim.bird@am.sony.com Subject: [PATCH] [50/106] CAN: Use inode instead of kernel address for /proc file Message-Id: <20110426211330.5BB5B3E1886@tassilo.jf.intel.com> Date: Tue, 26 Apr 2011 14:13:30 -0700 (PDT) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1892 Lines: 51 2.6.35-longterm review patch. If anyone has any objections, please let me know. ------------------ From: Dan Rosenberg commit 9f260e0efa4766e56d0ac14f1aeea6ee5eb8fe83 upstream. Since the socket address is just being used as a unique identifier, its inode number is an alternative that does not leak potentially sensitive information. CC-ing stable because MITRE has assigned CVE-2010-4565 to the issue. Signed-off-by: Dan Rosenberg Acked-by: Oliver Hartkopp Signed-off-by: David S. Miller Signed-off-by: Andi Kleen Cc: Moritz Muehlenhoff Signed-off-by: Greg Kroah-Hartman --- net/can/bcm.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Index: linux-2.6.35.y/net/can/bcm.c =================================================================== --- linux-2.6.35.y.orig/net/can/bcm.c +++ linux-2.6.35.y/net/can/bcm.c @@ -125,7 +125,7 @@ struct bcm_sock { struct list_head tx_ops; unsigned long dropped_usr_msgs; struct proc_dir_entry *bcm_proc_read; - char procname [20]; /* pointer printed in ASCII with \0 */ + char procname [32]; /* inode number in decimal with \0 */ }; static inline struct bcm_sock *bcm_sk(const struct sock *sk) @@ -1521,7 +1521,7 @@ static int bcm_connect(struct socket *so if (proc_dir) { /* unique socket address as filename */ - sprintf(bo->procname, "%p", sock); + sprintf(bo->procname, "%lu", sock_i_ino(sk)); bo->bcm_proc_read = proc_create_data(bo->procname, 0644, proc_dir, &bcm_proc_fops, sk); -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/