torvalds/linux
torvalds/linux
2
0
Fork 0
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-09-04 20:19:47 +08:00
Code
1,368,918 Commits 2 Branches 898 Tags 3.4 GiB
C 97.4%
Assembly 1%
Shell 0.5%
Python 0.4%
Makefile 0.3%
Other 0.2%
bee47cb026
Go to file
Olga Kornievskaia bee47cb026 sunrpc: fix handling of server side tls alerts 
Scott Mayhew discovered a security exploit in NFS over TLS in
tls_alert_recv() due to its assumption it can read data from
the msg iterator's kvec..

kTLS implementation splits TLS non-data record payload between
the control message buffer (which includes the type such as TLS
aler or TLS cipher change) and the rest of the payload (say TLS
alert's level/description) which goes into the msg payload buffer.

This patch proposes to rework how control messages are setup and
used by sock_recvmsg().

If no control message structure is setup, kTLS layer will read and
process TLS data record types. As soon as it encounters a TLS control
message, it would return an error. At that point, NFS can setup a
kvec backed msg buffer and read in the control message such as a
TLS alert. Msg iterator can advance the kvec pointer as a part of
the copy process thus we need to revert the iterator before calling
into the tls_alert_recv.

Reported-by: Scott Mayhew <smayhew@redhat.com>
Fixes: 5e052dda12 ("SUNRPC: Recognize control messages in server-side TCP socket code")
Suggested-by: Trond Myklebust <trondmy@hammerspace.com>
Cc: stable@vger.kernel.org
Signed-off-by: Olga Kornievskaia <okorniev@redhat.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
2025-08-06 09:57:50 -04:00
arch - Update Kirill's email address 2025-07-13 10:41:19 -07:00
block block-6.16-20250626 2025-06-27 09:02:33 -07:00
certs sign-file,extract-cert: use pkcs11 provider for OPENSSL MAJOR >= 3 2024-09-20 19:52:48 +03:00
crypto crypto: wp512 - Use API partial block handling 2025-06-23 16:56:56 +08:00
Documentation Fixes for a few clk drivers and bindings: 2025-07-13 11:37:35 -07:00
drivers Fixes for a few clk drivers and bindings: 2025-07-13 11:37:35 -07:00
fs nfsd: avoid ref leak in nfsd_open_local_fh() 2025-08-05 10:31:33 -04:00
include sunrpc: rearrange struct svc_rqst for fewer cachelines 2025-07-14 12:46:49 -04:00
init futex: Temporary disable FUTEX_PRIVATE_HASH 2025-07-01 15:02:05 +02:00
io_uring io_uring-6.16-20250710 2025-07-11 10:29:30 -07:00
ipc - The 3 patch series "hung_task: extend blocking task stacktrace dump to 2025-05-31 19:12:53 -07:00
kernel - Prevent perf_sigtrap() from observing an exiting task and warning 2025-07-13 10:34:47 -07:00
lib maple_tree: fix mt_destroy_walk() on root leaf node 2025-07-09 21:07:52 -07:00
LICENSES LICENSES: add CC0-1.0 license text 2025-05-21 14:54:17 +02:00
mm Revert "sched/numa: add statistics of numa balance task" 2025-07-09 21:07:56 -07:00
net sunrpc: fix handling of server side tls alerts 2025-08-06 09:57:50 -04:00
rust Merge tag 'drm-misc-fixes-2025-07-10' of https://gitlab.freedesktop.org/drm/misc/kernel into drm-fixes 2025-07-11 14:11:19 +02:00
samples samples/damon: fix damon sample mtier for start failure 2025-07-09 21:07:55 -07:00
scripts scripts: gdb: vfs: support external dentry names 2025-07-09 21:07:54 -07:00
security selinux: change security_compute_sid to return the ssid or tsid on match 2025-06-19 16:13:16 -04:00
sound ALSA: hda/realtek: Enable headset Mic on Positivo K116J 2025-07-07 14:09:09 +02:00
tools - Update Kirill's email address 2025-07-13 10:41:19 -07:00
usr usr/include: openrisc: don't HDRTEST bpf_perf_event.h 2025-05-12 15:03:17 +09:00
virt KVM: Allow CPU to reschedule while setting per-page memory attributes 2025-06-24 12:20:17 -07:00
.clang-format Linux 6.15-rc5 2025-05-06 16:39:25 +10:00
.clippy.toml rust: clean Rust 1.88.0's warning about clippy::disallowed_macros configuration 2025-05-07 00:11:47 +02:00
.cocciconfig
.editorconfig .editorconfig: remove trim_trailing_whitespace option 2024-06-13 16:47:52 +02:00
.get_maintainer.ignore MAINTAINERS: Retire Ralf Baechle 2024-11-12 15:48:59 +01:00
.gitattributes .gitattributes: set diff driver for Rust source code files 2023-05-31 17:48:25 +02:00
.gitignore .gitignore: ignore Python compiled bytecode 2025-04-24 10:12:46 -06:00
.mailmap MAINTAINERS: Update Kirill Shutemov's email address for TDX 2025-07-11 07:25:51 -07:00
.pylintrc docs: add a .pylintrc file with sys path for docs scripts 2025-04-09 12:10:33 -06:00
.rustfmt.toml rust: add .rustfmt.toml 2022-09-28 09:02:20 +02:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS CREDITS: Add entry for Shannon Nelson 2025-06-21 07:34:28 -07:00
Kbuild drm: ensure drm headers are self-contained and pass kernel-doc 2025-02-12 10:44:43 +02:00
Kconfig io_uring: Rename KConfig to Kconfig 2025-02-19 14:53:27 -07:00
MAINTAINERS - Update Kirill's email address 2025-07-13 10:41:19 -07:00
Makefile Linux 6.16-rc6 2025-07-13 14:25:58 -07:00
README README: Fix spelling 2024-03-18 03:36:32 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the reStructuredText markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.