On 13/04/2015 16:29, Yann Droneaud wrote:
> Le jeudi 02 avril 2015 à 18:12 +, Haggai Eran a écrit :
...
>>
>> I want to add that we would like to see users registering a very large
>> memory region (perhaps the entire process address space) for local
>> access, and then enabling remote access o
Hi,
Le jeudi 02 avril 2015 à 18:12 +, Haggai Eran a écrit :
> On Thursday, April 2, 2015 7:44 PM, Shachar Raindel wrote:
> >> -Original Message-
> >> From: Yann Droneaud [mailto:ydrone...@opteya.com]
> >> Le jeudi 02 avril 2015 à 18:18 +0300, Haggai Eran a écrit :
> >> > On 02/04/2015
or overflow in PAGE_ALIGN(addr + size).
[1] "Re: CVE-2014-8159 kernel: infiniband: uverbs: unprotected physical
memory access"
http://mid.gmane.org/1428497043.22575.176.ca...@opteya.com
http://marc.info/?i=1428497043.22575.176.ca...@opteya.com
[2] [PATCH RESEND 0/2] Fixes on top
egistering
memory mapped at 0 (which is probably not something to be allowed,
but it's not up to ib_umem_get() to prevent it).
[1] "Re: CVE-2014-8159 kernel: infiniband: uverbs: unprotected physical
memory access"
http://mid.gmane.org/1428497043.22575.176.ca...@opteya
obably not something to be allowed,
but it's not up to ib_umem_get() to prevent it).
[1] "Re: CVE-2014-8159 kernel: infiniband: uverbs: unprotected physical
memory access"
http://mid.gmane.org/1428497043.22575.176.ca...@opteya.com
http://marc.info/?i=1428497043.22575.176.ca...@o
Hi,
Le mercredi 08 avril 2015 à 14:19 +0200, Yann Droneaud a écrit :
> Le jeudi 02 avril 2015 à 16:34 +, Shachar Raindel a écrit :
> > > -Original Message-
> > > From: Yann Droneaud [mailto:ydrone...@opteya.com]
> > > Sent: Thursday, April 02, 2015 6:16 PM
> > > Le jeudi 02 avril 2015
Hi,
Le jeudi 02 avril 2015 à 16:34 +, Shachar Raindel a écrit :
> > -Original Message-
> > From: Yann Droneaud [mailto:ydrone...@opteya.com]
> > Sent: Thursday, April 02, 2015 6:16 PM
> > Le jeudi 02 avril 2015 à 10:52 +, Shachar Raindel a écrit :
> > > > -Original Message-
Hi,
Shachar Raindel wrote on Fri, Apr 03, 2015 at 11:49:13AM +:
> > couldn't get it to work - ibv_reg_mr would return EINVAL on an address
> > obtained by mmap.
>
> Were you mmaping a normal disk file, or was the mmap targeting an MMIO of
> another hardware device? mmap of a normal disk file
Hi,
Le vendredi 03 avril 2015 à 08:39 +, Haggai Eran a écrit :
> On Thursday, April 2, 2015 11:40 PM, Yann Droneaud
> wrote:
> > Le jeudi 02 avril 2015 à 16:44 +, Shachar Raindel a écrit :
> >> > -Original Message-
> >> > From: Yann Droneaud [mailto:ydrone...@opteya.com]
> >> > S
Hi Dominique,
> -Original Message-
> From: Dominique Martinet [mailto:dominique.marti...@cea.fr]
> Sent: Thursday, April 02, 2015 8:44 PM
> To: Shachar Raindel
> Subject: Re: [oss-security] RE: CVE-2014-8159 kernel: infiniband:
> uverbs: unprotected physical mem
On Thursday, April 2, 2015 11:40 PM, Yann Droneaud wrote:
> Le jeudi 02 avril 2015 à 16:44 +, Shachar Raindel a écrit :
>> > -Original Message-
>> > From: Yann Droneaud [mailto:ydrone...@opteya.com]
>> > Sent: Thursday, April 02, 2015 7:35 PM
>
>> > Another related question: as the la
Hi,
Le jeudi 02 avril 2015 à 16:44 +, Shachar Raindel a écrit :
> > -Original Message-
> > From: Yann Droneaud [mailto:ydrone...@opteya.com]
> > Sent: Thursday, April 02, 2015 7:35 PM
> > Another related question: as the large memory range could be registered
> > by user space with ib
.openwall.com;
>> (linux-rdma@vger.kernel.org); linux-
>> ker...@vger.kernel.org; sta...@vger.kernel.org
>> Subject: Re: CVE-2014-8159 kernel: infiniband: uverbs: unprotected
>> physical memory access
>>
>> Hi Haggai,
>>
>> Le jeudi 02 avril 2015 à 18
@vger.kernel.org; sta...@vger.kernel.org
> Subject: Re: CVE-2014-8159 kernel: infiniband: uverbs: unprotected
> physical memory access
>
> Hi Haggai,
>
> Le jeudi 02 avril 2015 à 18:18 +0300, Haggai Eran a écrit :
> > On 02/04/2015 16:30, Yann Droneaud wrote:
> > > Hi,
> > &
> -Original Message-
> From: Roland Dreier [mailto:rol...@purestorage.com]
> Sent: Thursday, April 02, 2015 7:33 PM
> To: Shachar Raindel
> Cc: oss-secur...@lists.openwall.com;
> (linux-rdma@vger.kernel.org); sta...@vger.kernel.org
> Subject: Re: CVE-2014-8159 kerne
Hi Haggai,
Le jeudi 02 avril 2015 à 18:18 +0300, Haggai Eran a écrit :
> On 02/04/2015 16:30, Yann Droneaud wrote:
> > Hi,
> >
> > Le jeudi 02 avril 2015 à 10:52 +, Shachar Raindel a écrit :
> >>> -Original Message-
> >>> From: Yann Droneaud [mailto:ydrone...@opteya.com]
> >>> Sent: T
rg
> Subject: Re: CVE-2014-8159 kernel: infiniband: uverbs: unprotected
> physical memory access
>
> Hi,
> Le jeudi 02 avril 2015 à 10:52 +, Shachar Raindel a écrit :
> > > -Original Message-
> > > From: Yann Droneaud [mailto:ydrone...@opteya.com]
> >
On Thu, Apr 2, 2015 at 12:52 AM, Shachar Raindel wrote:
> This is a common practice in the security industry, called
> "responsible disclosure."
>
> Following the kernel security bugs policy [1], we reported it to
> the kernel security contacts few days before making the issue public.
> Few days
On 02/04/2015 16:30, Yann Droneaud wrote:
> Hi,
>
> Le jeudi 02 avril 2015 à 10:52 +, Shachar Raindel a écrit :
>>> -Original Message-
>>> From: Yann Droneaud [mailto:ydrone...@opteya.com]
>>> Sent: Thursday, April 02, 2015 1:05 PM
>>> Le mercredi 18 mars 2015 à 17:39 +, Shachar Ra
Hi,
Le jeudi 02 avril 2015 à 10:52 +, Shachar Raindel a écrit :
> > -Original Message-
> > From: Yann Droneaud [mailto:ydrone...@opteya.com]
> > Sent: Thursday, April 02, 2015 1:05 PM
> > Le mercredi 18 mars 2015 à 17:39 +, Shachar Raindel a écrit :
...
> > > + /*
> > > + * If the
Hi,
Le jeudi 02 avril 2015 à 10:52 +, Shachar Raindel a écrit :
> > -Original Message-
> > From: Yann Droneaud [mailto:ydrone...@opteya.com]
> > Sent: Thursday, April 02, 2015 1:05 PM
> > Le mercredi 18 mars 2015 à 17:39 +, Shachar Raindel a écrit :
> > > + /*
> > > + * If the co
rg
> Subject: Re: CVE-2014-8159 kernel: infiniband: uverbs: unprotected
> physical memory access
>
> Hi,
>
> Le mercredi 18 mars 2015 à 17:39 +, Shachar Raindel a écrit :
> > Hi,
> >
> > + /*
> > +* If the combination of the addr and size
Hi,
Le mercredi 18 mars 2015 à 17:39 +, Shachar Raindel a écrit :
> Hi,
>
> It was found that the Linux kernel's InfiniBand/RDMA subsystem did not
> properly sanitize input parameters while registering memory regions
> from user space via the (u)verbs API. A local user with access to
> a /dev
> -Original Message-
> From: Roland Dreier [mailto:rol...@purestorage.com]
> Sent: Wednesday, April 01, 2015 8:28 PM
> To: Shachar Raindel
> Cc: oss-secur...@lists.openwall.com;
> (linux-rdma@vger.kernel.org); sta...@vger.kernel.org
> Subject: Re: CVE-2014-81
On Wed, Mar 18, 2015 at 10:39 AM, Shachar Raindel wrote:
> Date: Sun, 04 Jan 2015 18:30:32 +0200
> Subject: [PATCH] IB/core: Prevent integer overflow in ib_umem_get address
> arithmetic
Just so we're clear, this bug has been known since January 4, and it's
getting sent upstream now?
I assume we
Hi,
It was found that the Linux kernel's InfiniBand/RDMA subsystem did not properly
sanitize input parameters while registering memory regions from user space via
the (u)verbs API. A local user with access to a /dev/infiniband/uverbsX device
could use this flaw to crash the system or, potential
26 matches
Mail list logo
