lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 22 Mar 2018 20:02:38 +0000
From:   Nadav Amit <namit@...are.com>
To:     Oleksandr Natalenko <oleksandr@...hat.com>
CC:     Arnd Bergmann <arnd@...db.de>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Xavier Deguillard <xdeguillard@...are.com>,
        pv-drivers <pv-drivers@...are.com>,
        LKML <linux-kernel@...r.kernel.org>,
        Gil Kupfer <gilkup@...il.com>,
        "stable@...r.kernel.org" <stable@...r.kernel.org>,
        "ldu@...hat.com" <ldu@...hat.com>
Subject: Re: [PATCH v2] vmw_balloon: fixing double free when batching mode is
 off

Oleksandr Natalenko <oleksandr@...hat.com> wrote:

> Hi.
> 
> On Mon, Mar 19, 2018 at 7:52 PM, Nadav Amit <namit@...are.com> wrote:
>>> Oleksandr, if you can confirm that it fixes the bug you encountered, it
>>> would be great.
>>> 
>>> Greg, Arnd, on your free time, please let me know if there is any issue
>>> with the patch, and whether you can incorporate it, preferably in 4.16,
>>> since it is a bug-fix that was encountered by Red-Hat customers.
>> 
>> Ping?
> 
> No news from me (yet). We depends on the customer here since we are
> unable to reproduce the issue in-house. If you have a recipe on how to
> trigger it reliably, please let us know, and this will speed up the
> verification process.

Actually, rechecking the bug description, I might have rushed. The bug that
I encountered is related to the vunmap() but it is only caused when batching
is off, while the bug you reported has batching on.

It seems that your sources support batching but do not include b91f108a3d54
(“VMware balloon: Treat init like reset”), which I think would have solved
the problem. I don’t see a mainline kernel that supports batching and does
not have this patch, so it would be helpful to see the exact module that you
use.

Regards,
Nadav

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ