lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Mon, 8 Oct 2018 10:29:52 -0700
From:   "H. Peter Anvin" <hpa@...or.com>
To:     Johan Hovold <johan@...nel.org>
Cc:     linux-kernel@...r.kernel.org,
        Tobias Klausmann <klausman@...warzvogel.de>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Jiri Slaby <jslaby@...e.com>,
        Al Viro <viro@...iv.linux.org.uk>,
        Richard Henderson <rth@...ddle.net>,
        Ivan Kokshaysky <ink@...assic.park.msu.ru>,
        Matt Turner <mattst88@...il.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Kate Stewart <kstewart@...uxfoundation.org>,
        Philippe Ombredanne <pombredanne@...b.com>,
        Eugene Syromiatnikov <esyr@...hat.com>,
        linux-alpha@...r.kernel.org, linux-serial@...r.kernel.org,
        Alan Cox <alan@...rguk.ukuu.org.uk>, stable@...r.kernel.org
Subject: Re: [PATCH stable v2 2/2] termios, tty/tty_baudrate.c: simplify,
 auto-generate baud table

On 10/8/18 8:46 AM, Johan Hovold wrote:
>
> So we need a minimal fix for this only as this patch in particular
> should not be backported to stable.
> 
> I'm not sure when I'll have time to review this one thoroughly, so
> perhaps others can chime in meanwhile.
> 
> Johan
> 

OK.  In the past Greg has generally liked to avoid fixes which will diverge
from upstream (because code in stable which is not in upstream can make
debugging difficult), but this is the minimal patch as requested; which to
apply is up to Greg.

As far as reviewing the cleanup patch, I strongly recommend:

a) Looking at the resulting file, not at the patch. Most of the code is simply
   merging the input and output rate functions into a common help function,
   and restructuring the code to that the utterly bizarre coding of a for loop
   using a do { ... } while() loop with the initial condition set at variable
   declaration(!!) far from the loop itself.
b) Examine bmacros.h after a build.
c) Build drivers/tty/tty_baudrate.s.  You can directly examine the baud_table
   and verify that it is, indeed, correct for whatever architecture you build.

	-hpa

View attachment "0002-termios-tty-tty_baudrate.c-fix-buffer-overrun.patch" of type "text/x-patch" (2052 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ