| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20170907203909.GV1774378@devbig577.frc2.facebook.com>
Date: Thu, 7 Sep 2017 13:39:09 -0700
From: Tejun Heo <tj@...nel.org>
To: Eric Biggers <ebiggers3@...il.com>
Cc: linux-mm@...ck.org, linux-kernel@...r.kernel.org,
Andrew Morton <akpm@...ux-foundation.org>,
Chris Wilson <chris@...is-wilson.co.uk>,
Dmitry Vyukov <dvyukov@...gle.com>,
Matthew Wilcox <mawilcox@...rosoft.com>,
dri-devel@...ts.freedesktop.org, stable@...r.kernel.org
Subject: Re: [PATCH] idr: remove WARN_ON_ONCE() when trying to replace
negative ID
On Wed, Sep 06, 2017 at 04:53:06PM -0700, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@...gle.com>
>
> IDR only supports non-negative IDs. There used to be a
> 'WARN_ON_ONCE(id < 0)' in idr_replace(), but it was intentionally
> removed by commit 2e1c9b286765 ("idr: remove WARN_ON_ONCE() on negative
> IDs"). Then it was added back by commit 0a835c4f090a ("Reimplement IDR
> and IDA using the radix tree"). However it seems that adding it back
> was a mistake, given that some users such as drm_gem_handle_delete()
> (DRM_IOCTL_GEM_CLOSE) pass in a value from userspace to idr_replace(),
> allowing the WARN_ON_ONCE to be triggered. drm_gem_handle_delete()
> actually just wants idr_replace() to return an error code if the ID is
> not allocated, including in the case where the ID is invalid (negative).
Acked-by: Tejun Heo <tj@...nel.org>
Thanks.
--
tejun
Powered by blists - more mailing lists