lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Thu, 12 Aug 2010 12:24:51 +0200
From:	Lars Ellenberg <lars.ellenberg@...bit.com>
To:	Ben Hutchings <ben@...adent.org.uk>
Cc:	Philipp Reisner <philipp.reisner@...bit.com>,
	linux-kernel@...r.kernel.org, stable@...nel.org,
	Jens Axboe <jaxboe@...ionio.com>, stable-review@...nel.org,
	akpm@...ux-foundation.org, torvalds@...ux-foundation.org,
	alan@...rguk.ukuu.org.uk, Greg KH <gregkh@...e.de>
Subject: Re: [Stable-review] [38/67] drbd: Disable delay probes for the
 upcomming release

On Thu, Aug 12, 2010 at 04:15:02AM +0100, Ben Hutchings wrote:
> On Wed, 2010-08-11 at 17:05 -0700, Greg KH wrote:
> > 2.6.35-stable review patch.  If anyone has any objections, please let us know.
> > 
> > ------------------
> > 
> > From: Philipp Reisner <philipp.reisner@...bit.com>
> > 
> > commit 6710a5760355be8f2e51682f41b0d3fc76550309 upstream.
> > 
> > Signed-off-by: Philipp Reisner <philipp.reisner@...bit.com>
> > Signed-off-by: Lars Ellenberg <lars.ellenberg@...bit.com>
> > Signed-off-by: Jens Axboe <jaxboe@...ionio.com>
> > Signed-off-by: Greg Kroah-Hartman <gregkh@...e.de>
> [...]
> 
> Anyone want to explain why this is important?

The receiving side implementation of this "delay probe" feature
has potential to stall the DRBD resync process under certain ill
circumstances.  Thus we rather not send the delay probes in the first
place.  The feature has been reverted upstream, and is being replaced.

> Similarly "drbd: Initialize all members of sync_conf to their defaults
> [Bugz 315]"; I assume that some Bugzilla entry would tell me, only I
> have no idea where it is.

If it so happened that these defaults have not been set, and no explicit
value assigned either, and then later a delay probe is received (which,
if no one sends one, can no longer be the case), it could lead to a
division by zero in kernel space :(

You'd have to misuse drbd userland to get there, but you could.

> These commit messages *suck*.

We'll try to make them suck less.

	Lars
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ