| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 24 Jan 2023 08:50:34 -0800
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Sasha Levin <sashal@...nel.org>
Cc: linux-kernel@...r.kernel.org, stable@...r.kernel.org,
kernel test robot <oliver.sang@...el.com>,
Eric Biggers <ebiggers@...nel.org>,
Andreas Dilger <adilger@...ger.ca>,
"Theodore Ts'o" <tytso@....edu>, Jason Donenfeld <Jason@...c4.com>,
Masahiro Yamada <masahiroy@...nel.org>,
adilger.kernel@...ger.ca, linux-ext4@...r.kernel.org
Subject: Re: [PATCH AUTOSEL 6.1 35/35] ext4: deal with legacy signed xattr
name hash values
On Tue, Jan 24, 2023 at 5:42 AM Sasha Levin <sashal@...nel.org> wrote:
>
> From: Linus Torvalds <torvalds@...ux-foundation.org>
>
> [ Upstream commit f3bbac32475b27f49be201f896d98d4009de1562 ]
>
> We potentially have old hashes of the xattr names generated on systems
> with signed 'char' types. Now that everybody uses '-funsigned-char',
> those hashes will no longer match.
This patch does not work correctly without '-funsigned-char', and I
don't think that has been back-ported to stable kernels.
That said, the patch *almost* works. You'd just have to add something
like this to it:
--- a/fs/ext4/xattr.c
+++ b/fs/ext4/xattr.c
@@ -3096,7 +3096,7 @@ static __le32 ext4_xattr_hash_entry(char *name,
while (name_len--) {
hash = (hash << NAME_HASH_SHIFT) ^
(hash >> (8*sizeof(hash) - NAME_HASH_SHIFT)) ^
- *name++;
+ (unsigned char)*name++;
}
while (value_count--) {
hash = (hash << VALUE_HASH_SHIFT) ^
to make it work right (ie just make sure that the proper xattr name
hashing actually uses unsigned chars for its hash).
Linus
Powered by blists - more mailing lists