From: Linus Torvalds <torva...@linux-foundation.org> Date: Sat, 14 May 2016 11:24:08 -0700 (PDT)
> > From: Linus Torvalds <torva...@linux-foundation.org> > Date: Sat, 14 May 2016 11:11:44 -0700 > Subject: [PATCH] nf_conntrack: avoid kernel pointer value leak in slab name > > The slab name ends up being visible in the directory structure under > /sys, and even if you don't have access rights to the file you can see > the filenames. > > Just use a 64-bit counter instead of the pointer to the 'net' structure > to generate a unique name. > > This code will go away in 4.7 when the conntrack code moves to a single > kmemcache, but this is the backportable simple solution to avoiding > leaking kernel pointers to user space. > > Signed-off-by: Linus Torvalds <torva...@linux-foundation.org> > Acked-by: Eric Dumazet <eric.duma...@gmail.com> > Cc: sta...@vger.kernel.org Applied, thanks.
