On Mon, Oct 9, 2023 at 8:28 PM Jakub Kicinski <kuba@kernel.org> wrote:
On Mon, 9 Oct 2023 12:31:57 -0300 Pedro Tammela wrote:
Herm, how did we get this far without CCing the author of the patch. Adding Budimir.
Pedro, Budimir, any idea what the original bug was? There isn't much info in the commit message.
We had a UAF with a very straightforward way to trigger it.
Any details?
As in you want the sequence of commands that caused the fault posted? Budimir, let's wait for Jakub's response before you do that. I have those details as well of course.
Setting 'rt' as a parent is incorrect and the man page is explicit about it as it doesn't make sense 'qdisc wise'. Being able to set it has always been wrong unfortunately...
Sure but unfortunately "we don't break backward compat" means we can't really argue. It will take us more time to debate this than to fix it (assuming we understand the initial problem).
Frankly one can even argue whether "exploitable by root / userns" is more important than single user's init scripts breaking. The "security" issues for root are a dime a dozen.
This is a tough one - as it stands right now we don't see a good way out. It's either "exploitable by root / userns" or break uapi. Christian - can you send your "working" scripts, simplified if possible, and we'll take a look.
cheers, jamal