lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <498B27DB.9000808@zytor.com>
Date:	Thu, 05 Feb 2009 09:54:35 -0800
From:	"H. Peter Anvin" <hpa@...or.com>
To:	Arnd Bergmann <arnd@...db.de>
CC:	Jaswinder Singh Rajput <jaswinder@...nel.org>,
	Herbert Xu <herbert@...dor.apana.org.au>, mingo@...e.hu,
	x86@...nel.org, sam@...nborg.org, jirislaby@...il.com,
	gregkh@...e.de, davem@...emloft.net, xyzzy@...akeasy.org,
	mchehab@...radead.org, jens.axboe@...cle.com,
	linux-media@...r.kernel.org, linux-kernel@...r.kernel.org,
	Avi Kivity <avi@...hat.com>
Subject: Re: [PATCH] Make exported headers use strict posix types

Arnd Bergmann wrote:
> A number of standard posix types are used in exported headers, which
> is not allowed if __STRICT_KERNEL_NAMES is defined. Change them all
> to use the safe __kernel variant so that we can make __STRICT_KERNEL_NAMES
> the default.
> 
> Signed-off-by: Arnd Bergmann <arnd@...db.de>
> 
> ---
> On Thursday 05 February 2009, H. Peter Anvin wrote:
> 
>> I have been advocating for hacking headers_install for a while.  That
>> takes care of the 106.  The 15 *need* to be audited immediately, because
>> that is even likely to be actual manifest bugs.
> 
> This is what I found, please review.
> 

Indeed a lot of these look like real bugs, e.g. the use of off_t (which 
may be 32 bits in userspace while __kernel_off_t is 64 bits.)

So these are, indeed, critical bug fixes and should go into 2.6.29.

Some of these changes may require changes in userspace code if userspace 
has hacked around the problems.  Those changes, though, really should 
happen, too.

	-hpa
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ