lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 17 Apr 2017 10:29:55 -0700
From:   Eric Biggers <ebiggers3@...il.com>
To:     kernel test robot <xiaolong.ye@...el.com>
Cc:     keyrings@...r.kernel.org, David Howells <dhowells@...hat.com>,
        linux-security-module@...r.kernel.org,
        linux-kernel@...r.kernel.org, Eric Biggers <ebiggers@...gle.com>,
        stable@...r.kernel.org, lkp@...org, ltp@...ts.linux.it
Subject: Re: [lkp-robot] [KEYS]  bdf7c0f8bf: ltp.add_key02.fail

On Mon, Apr 17, 2017 at 02:26:41PM +0800, kernel test robot wrote:
> 
> FYI, we noticed the following commit:
> 
> commit: bdf7c0f8bf282ba44827ce3c7fd7936c8e90a18a ("KEYS: fix dereferencing NULL payload with nonzero length")
> url: https://github.com/0day-ci/linux/commits/Eric-Biggers/KEYS-fix-dereferencing-NULL-payload-with-nonzero-length/20170403-102013
> base: https://git.kernel.org/cgit/linux/kernel/git/jmorris/linux-security.git next
> 
...
> caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):
> 
> 
> user  :notice: [   45.447047] <<<test_start>>>
> 
> user  :notice: [   45.447365] tag=add_key02 stime=1492169102
> 
> user  :notice: [   45.447567] cmdline="add_key02"
> 
> user  :notice: [   45.447685] contacts=""
> 
> user  :notice: [   45.447826] analysis=exit
> 
> user  :notice: [   45.448011] <<<test_output>>>
> 
> user  :notice: [   45.448568] tst_test.c:760: INFO: Timeout per run is 0h 05m 00s
> 
> user  :notice: [   45.449439] add_key02.c:65: FAIL: add_key() failed unexpectedly, expected EINVAL: EFAULT

In my opinion this is a valid behavior, and the test is just weird; it's passing
in *both* an unaddressable payload and an invalid description, so it's not clear
which case it's meant to be testing.  (Generally, if a syscall will fail for
more than one reason, it's not guaranteed which error code you'll get.)

In any case, once we have a fix merged, it would be nice for there to be an ltp
test added for the "NULL payload with nonzero length" case with one of the key
types that crashed the kernel.

Eric

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ