From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by sourceware.org (Postfix) with ESMTPS id 40E083858C2C for ; Thu, 3 Feb 2022 11:47:53 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 40E083858C2C Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-354-2BCL-S1qNCCjKu56VjBEIg-1; Thu, 03 Feb 2022 06:47:51 -0500 X-MC-Unique: 2BCL-S1qNCCjKu56VjBEIg-1 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id D373514751; Thu, 3 Feb 2022 11:47:50 +0000 (UTC) Received: from oldenburg.str.redhat.com (unknown [10.39.193.205]) by smtp.corp.redhat.com (Postfix) with ESMTPS id D8F4960C59; Thu, 3 Feb 2022 11:47:49 +0000 (UTC) From: Florian Weimer To: pgowda cve Cc: libc-stable@sourceware.org, samuel.thibault@ens-lyon.org Subject: Re: [2.33 and 2.34][PATCH] Simplify __opensock and fix race condition [BZ #28353] References: Date: Thu, 03 Feb 2022 12:47:47 +0100 In-Reply-To: (pgowda cve's message of "Thu, 3 Feb 2022 17:13:18 +0530") Message-ID: <871r0kuq70.fsf@oldenburg.str.redhat.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain X-Spam-Status: No, score=-6.2 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, RCVD_IN_DNSWL_LOW, SPF_HELO_NONE, SPF_NONE, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: libc-stable@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-stable mailing list List-Unsubscribe: , List-Archive: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Feb 2022 11:47:54 -0000 * pgowda cve: > (cherry picked from commit 5bf07e1b3a74232bfb8332275110be1a5da50f83) > > Please find attached the backported patch for glibc versions 2.33 and 2.34. > Please let me know if it's okay. I think we would have to backport all these commits: commit 3d981795cd00cc9b73c3ee5087c308361acd62e5 Author: Florian Weimer Date: Mon Nov 22 14:41:14 2021 +0100 socket: Do not use AF_NETLINK in __opensock It is not possible to use interface ioctls with netlink sockets on all Linux kernels. Reviewed-by: Adhemerval Zanella commit 1d3decee997ba2fc24af81803299b2f4f3c47063 Author: Samuel Thibault Date: Mon Oct 18 01:39:02 2021 +0200 hurd if_index: Explicitly use AF_INET for if index discovery 5bf07e1b3a74 ("Linux: Simplify __opensock and fix race condition [BZ #28353]") made __opensock try NETLINK then UNIX then INET. On the Hurd, only INET knows about network interfaces, so better actually specify that in if_index. commit 5bf07e1b3a74232bfb8332275110be1a5da50f83 Author: Florian Weimer Date: Tue Sep 28 18:55:49 2021 +0200 Linux: Simplify __opensock and fix race condition [BZ #28353] AF_NETLINK support is not quite optional on modern Linux systems anymore, so it is likely that the first attempt will always succeed. Consequently, there is no need to cache the result. Keep AF_UNIX and the Internet address families as a fallback, for the rare case that AF_NETLINK is missing. The other address families previously probed are totally obsolete be now, so remove them. Use this simplified version as the generic implementation, disabling Netlink support as needed. I can do that, no need to send patches. Thanks, Florian