lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAK8P3a1feqfJOTvQEC+tmdYToGzL0zmKLQmGzPe-UQry0AuW-g@mail.gmail.com>
Date:   Fri, 14 Sep 2018 17:15:52 +0200
From:   Arnd Bergmann <arnd@...db.de>
To:     Al Viro <viro@...iv.linux.org.uk>
Cc:     gregkh <gregkh@...uxfoundation.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 02/50] move compat handling of tty ioctls to tty_compat_ioctl()

On Thu, Sep 13, 2018 at 4:40 AM Al Viro <viro@...iv.linux.org.uk> wrote:
>
> From: Al Viro <viro@...iv.linux.org.uk>
>
> ioctls that are
>         * callable only via tty_ioctl()
>         * not driver-specific
>         * not demand data structure conversions
>         * either always need passing arg as is or always demand compat_ptr()
> get intercepted in tty_compat_ioctl() from the very beginning and
> redirecter to tty_ioctl().  As the result, their entries in fs/compat_ioctl.c
> (some of those had been missing, BTW) got removed, as well as
> n_tty_compat_ioctl_helper() (now it's never called with any cmd it would accept).
>
> Signed-off-by: Al Viro <viro@...iv.linux.org.uk>

One more thing I just remembered when looking at my obsolete patches:
Your patch is fixing a couple of ioctl commands (I had identified only
TIOCVHANGUP and TIOCGPTPEER, you found a couple more)

It would be good to mark those as cc:stable@...r.kernel.org so we
can also get the fixes into older kernels. Looking through the
series again, I did not spot anything else that we need in stable,
in particular I would not bother with the compat_ptr() fixups there,
and the many cleanups of dead code and setserial wouldn't
be stable material anyway, but missing translation seems important
enough.

Looking at the changes in your patches, these are the ones
that you add in tty_compat_ioctl() that did not have a corresponding
entry in fs/compat_ioctl.c:

+       case TCSETX:
+       case TCSETXF:
+       case TCSETXW:
+       case TIOCGETC:
+       case TIOCGETP:
+       case TIOCGPTPEER:
+       case TIOCSERCONFIG:
+       case TIOCSETC:
+       case TIOCSETN:
+       case TIOCSETP:
+       case TIOCVHANGUP:

Should these all be added in a stable backport patch?

        Arnd

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ