lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sun, 28 Sep 2008 23:07:09 +0100 (BST)
From:	Hugh Dickins <hugh@...itas.com>
To:	Linus Torvalds <torvalds@...ux-foundation.org>
cc:	Al Viro <viro@...IV.linux.org.uk>,
	Alexey Dobriyan <adobriyan@...il.com>, ebiederm@...ssion.com,
	akpm@...ux-foundation.org, linux-kernel@...r.kernel.org
Subject: Re: 2.6.27-rc7-sha1: EIP at proc_sys_compare+0x36/0x50

On Sun, 28 Sep 2008, Linus Torvalds wrote:
> On Sun, 28 Sep 2008, Linus Torvalds wrote:
> > 
> > NOTE! Totally untested patch! It looks sane and really obvious, but maybe 
> > it has some insane and non-obvious bug.

Looks good to me, nicer than the first, and would have prevented my
oops today (if I'm interpreting it correctly: certainly I do have
DCACHE_UNHASHED set).

> 
> Oh. I think I see at least a _potential_ insane and non-obvious bug: if 
> somebody actually is going to do a __d_drop() _inside_ their d_compare(), 
> this would fail horribly because we now assume that the dentry is still 
> fine, since we held d_lock.
> 
> Of course, I think that would be very very buggy of a filesystem to do (we 
> don't even pass in the dentry as an argument - you have to figure it out 
> from the qstr, and a filesystem really should not do that!), but /proc 
> _does_ look up the dentry in question, maybe some other insane filesystem 
> does too and then does the __d_drop.

I agree that would be insane.  There's no end to the weird things
a filesystem _could_ do in its d_compare, but it is supposed to be
about comparison, and every filesystem I can see in the tree treats
it as such.

> 
> I'm not seeing it, though. So I still think the patch is sane and good, 
> but somebody really needs to double- or triple-check me on it.

Hugh
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ