| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 19 Sep 2018 19:13:01 +0300
From: Cyrill Gorcunov <gorcunov@...il.com>
To: Jann Horn <jannh@...gle.com>
Cc: Alexander Viro <viro@...iv.linux.org.uk>,
linux-fsdevel@...r.kernel.org, Michal Hocko <mhocko@...nel.org>,
Oleg Nesterov <oleg@...hat.com>, avagin@...tuozzo.com,
kernel list <linux-kernel@...r.kernel.org>
Subject: Re: [linux-next] BUG triggered in ptraceme
On Wed, Sep 19, 2018 at 04:16:50PM +0200, Jann Horn wrote:
...
> >
> > Heh, actually not :) It is due to commit
> >
> > commit 1f8266ff58840d698a1e96d2274189de1bdf7969
> > Author: Jann Horn <jannh@...gle.com>
> > Date: Thu Sep 13 18:12:09 2018 +0200
> >
> > which introduced might_sleep. Seems it is bad idea to send bug report
> > without having a cup of coffee at the morning :)
>
> Yeah, I fixed one sleep-in-atomic bug and figured I'd throw a
> might_sleep() in there for good measure... sigh.
> I guess now I have to go through all the callers of
> begin_current_label_crit_section() to see what else looks wrong...
>
Yes, I fear so. Need to check every caller just to be sure.
> apparmor_ptrace_traceme() is wrong, as reported...
>
> apparmor_path_link() looks icky, but I'm not sure - from what I can
> tell, it's called with an i_rwsem held for writing, and that probably
> makes calling back into filesystem context from there a bad idea?
> OTOH, it's just the i_rwsem of a newly-created path, so I don't know
> whether that's actually an issue...
>
> security_path_rename() is called with two i_rwsem's held, but again,
> I'm not sure whether that's a problem.
Lets wait for fs people opinions.
Powered by blists - more mailing lists