Message-ID: <20090727215250.034f7d4b@lxorguk.ukuu.org.uk>
Date:	Mon, 27 Jul 2009 21:52:50 +0100
From:	Alan Cox <alan@...rguk.ukuu.org.uk>
To:	Linus Torvalds <torvalds@...ux-foundation.org>
Cc:	OGAWA Hirofumi <hirofumi@...l.parknet.co.jp>,
	"Aneesh Kumar K.V" <aneesh.kumar@...ux.vnet.ibm.com>,
	"Rafael J. Wysocki" <rjw@...k.pl>, Ray Lee <ray-lk@...rabbit.org>,
	LKML <linux-kernel@...r.kernel.org>,
	Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: [PATCH] kdesu broken

On Mon, 27 Jul 2009 12:40:11 -0700 (PDT)
Linus Torvalds <torvalds@...ux-foundation.org> wrote:

> 
> 
> On Tue, 28 Jul 2009, OGAWA Hirofumi wrote:
> > 
> > If I read that part of emacs correctly, it seems to be assuming the data
> > was already sent to master side if the child process was exited.
> 
> That sounds like a rather obvious assumption.

> Aren't pty's flushing the data at flush() time? Which should be happening 
> when the child process exits and closes the pty slave.

When you close the slave the device all the data has been queued to the
master

> So at what point do we just admit that the commit that caused all this was 
> a buggy pile of sh*t and just revert it?

If we could "just revert it" and get a sane tree I'd have asked you to do
so quite some time ago and readdressed it later.

We can't "just revert it" or I'd have deferred it for the next release. If
you revert it you

- introduce a DoS attack
- break ppp
- introduce a pile of other tty races including at least one where the
  right timings should let you jump through null pointers
- put back all sorts of random obscure hangs caused by all the lock
  violations

and you'll note I pointed out this was a late change I was forced to make
and really didn't want to in the original commit.

Nor can we revert several patches because the ppp stuff means going back
to about 2.6.28 or so for the entire tty layer plus some of the DoS and
null pointer races go back to 2.2 or 2.0 8(.

We can use the two line slightly imperfect quickfix which people reported
does fix their problem and I'm tempted to go with that for 2.6.31 because
it works for the real world cases that matter.

Alan
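
The assumption discussed in this message (data written to the pty slave is readable from the master once the child has exited) can be checked on a given kernel with a small regression test. This is an added example, not code from the thread or from the kernel tree; the function name is hypothetical and the pty setup uses Linux-specific ioctls on /dev/ptmx.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/ioctl.h>
#include <sys/wait.h>
#include <termios.h>
#include <unistd.h>

/* Hypothetical helper: a child writes `payload` to a pty slave and exits; only
 * then does the parent read the master. Returns the bytes recovered, or -1 on
 * setup failure. Keep payload small so the child's write cannot block. */
long pty_bytes_after_child_exit(const char *payload)
{
    char path[32], buf[256];
    unsigned int ptn;
    int unlock = 0, status;
    struct termios tio;
    /* Linux-specific pty setup: /dev/ptmx plus the unlock/number ioctls. */
    int master = open("/dev/ptmx", O_RDWR | O_NOCTTY);
    if (master < 0 || ioctl(master, TIOCSPTLCK, &unlock) < 0 ||
        ioctl(master, TIOCGPTN, &ptn) < 0)
        return -1;
    snprintf(path, sizeof path, "/dev/pts/%u", ptn);
    int slave = open(path, O_RDWR | O_NOCTTY);
    if (slave < 0 || tcgetattr(slave, &tio) < 0)
        return -1;
    tio.c_oflag &= ~OPOST;            /* no \n -> \r\n rewriting on output */
    if (tcsetattr(slave, TCSANOW, &tio) < 0)
        return -1;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {                   /* child: write to the slave, then exit */
        close(master);
        ssize_t w = write(slave, payload, strlen(payload));
        _exit(w == (ssize_t)strlen(payload) ? 0 : 1);
    }
    close(slave);                     /* parent keeps only the master */
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status) || WEXITSTATUS(status))
        return -1;
    /* Every slave descriptor is now closed. Drain the master: on Linux read()
     * fails with EIO once the queue is empty and the slave side is gone. */
    long total = 0;
    ssize_t n;
    while ((n = read(master, buf, sizeof buf)) > 0)
        total += n;
    close(master);
    return total;
}

int main(void) { printf("%ld\n", pty_bytes_after_child_exit("queued before exit\n")); return 0; }
```

A result shorter than the payload means the master saw end-of-stream before the queued bytes were delivered.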