| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 28 Sep 2008 13:59:33 -0700 (PDT) From: Linus Torvalds <torvalds@...ux-foundation.org> To: Hugh Dickins <hugh@...itas.com> cc: Al Viro <viro@...IV.linux.org.uk>, Alexey Dobriyan <adobriyan@...il.com>, ebiederm@...ssion.com, akpm@...ux-foundation.org, linux-kernel@...r.kernel.org Subject: Re: 2.6.27-rc7-sha1: EIP at proc_sys_compare+0x36/0x50 On Sun, 28 Sep 2008, Linus Torvalds wrote: > > NOTE! Totally untested patch! It looks sane and really obvious, but maybe > it has some insane and non-obvious bug. Oh. I think I see at least a _potential_ insane and non-obvious bug: if somebody actually is going to do a __d_drop() _inside_ their d_compare(), this would fail horribly because we now assume that the dentry is still fine, since we held d_lock. Of course, I think that would be very very buggy of a filesystem to do (we don't even pass in the dentry as an argument - you have to figure it out from the qstr, and a filesystem really should not do that!), but /proc _does_ look up the dentry in question, maybe some other insane filesystem does too and then does the __d_drop. I'm not seeing it, though. So I still think the patch is sane and good, but somebody really needs to double- or triple-check me on it. Linus -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists