lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sun, 2 Sep 2018 19:47:33 -0700
From:   Linus Torvalds <>
To:     Benjamin Herrenschmidt <>
Cc:     Jiri Kosina <>,
        Jürgen Groß <>,
        Linux Kernel Mailing List <>,
        Michal Hocko <>,
        Naoya Horiguchi <>,
        Michael Ellerman <>,
        Will Deacon <>
Subject: Re: Access to non-RAM pages

On Sun, Sep 2, 2018 at 7:25 PM Benjamin Herrenschmidt
<> wrote:
> Ah, my bad reading, I was looking at read_word_at_a_time() instead of
> load_unaligned_zeropad(). I'm not familiar enough with the dentry qstr
> stuff, I assume this is safe ?

The dentry qstr should always be 8-byte aligned because it's a kernel
name allocation.

So it's the path component in the actual pathname string that can be
unaligned (ct/tcount in dentry_string_cmp).

The comment actually does talk about it, although the comment also
claims that the cs read would use load_unaligned_zeropad(), which it
no longer does (now it only does the read_word_at_a_time).

And read_word_at_a_time() is purely a KASAN thing. The thing can't
fault, but it *can* read uninitialized data past the end of the
string, making KASAN unhappy.

So that's actually a different issue, where KASAN does byte-level
validity testing, and doing word-at-a-time accesses obviously violates
that for strings.


Powered by blists - more mailing lists