On Thu, 2017-08-24 at 03:22 +0200, Ivan Delalande wrote:
> Report TCP MD5 (RFC2385) signing keys, addresses and address prefixes to
> processes with CAP_NET_ADMIN requesting INET_DIAG_INFO. Currently it is
> not possible to retrieve these from the kernel once they have been
> configured on sockets.

I really find that all these changes in net/ipv4/inet_diag.c for TCP stuff (and #ifdef CONFIG_TCP_MD5SIG all over the place) are ugly.

Also, since you do not lock the socket, inet_diag_put_md5sig() might see different lists (&md5sig->head) and you could either write non-reserved memory, or on the contrary report uninitialized kernel data to the user.

+static int inet_diag_put_md5sig(struct sk_buff *skb, + const struct tcp_md5sig_info *md5sig) +{ + const struct tcp_md5sig_key *key; + struct nlattr *attr; + struct tcp_md5sig *info = NULL; + int md5sig_count = 0; + + hlist_for_each_entry_rcu(key, &md5sig->head, node) + md5sig_count++; + + attr = nla_reserve(skb, INET_DIAG_MD5SIG, + md5sig_count * sizeof(struct tcp_md5sig)); + if (!attr) + return -EMSGSIZE; + + info = nla_data(attr); + hlist_for_each_entry_rcu(key, &md5sig->head, node) { + inet_diag_md5sig_fill(info, key); + info++; Here we might see different keys than computed (in md5sig_count) + } + + return 0; +} +#endif +
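
Review bot: The second hlist_for_each_entry_rcu() walk in inet_diag_put_md5sig() is not bounded by the md5sig_count that sized the nla_reserve() call, so a key added to &md5sig->head between the two walks lets info++ run past the reserved attribute, and a key removed between them leaves the tail of the attribute unfilled. Suggest returning early when md5sig_count is 0 (which also avoids emitting an empty INET_DIAG_MD5SIG attribute), stopping the fill loop once md5sig_count entries have been written, for example `if (--md5sig_count == 0) break;` after `info++`, and clearing any entries still unwritten after the loop; alternatively hold the socket lock across both walks. The `= NULL` initialiser on info is also unnecessary, since info is assigned from nla_data(attr) before its first use.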