lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20190121122454.204712750@linuxfoundation.org>
Date:   Mon, 21 Jan 2019 14:44:04 +0100
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     linux-kernel@...r.kernel.org, stable@...r.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Kees Cook <keescook@...omium.org>,
        Gwendal Grignou <gwendal@...omium.org>,
        Guenter Roeck <linux@...ck-us.net>
Subject: [PATCH 4.9 08/51] proc: Remove empty line in /proc/self/status

4.9-stable review patch.  If anyone has any objections, please let me know.

------------------

From: Guenter Roeck <linux@...ck-us.net>

If CONFIG_SECCOMP=n, /proc/self/status includes an empty line. This causes
the iotop application to bail out with an error message.

File "/usr/local/lib64/python2.7/site-packages/iotop/data.py", line 196,
	in parse_proc_pid_status
key, value = line.split(':\t', 1)
ValueError: need more than 1 value to unpack

The problem is seen in v4.9.y but not upstream because commit af884cd4a5ae6
("proc: report no_new_privs state") has not been backported to v4.9.y.
The backport of commit fae1fa0fc6cc ("proc: Provide details on speculation
flaw mitigations") tried to address the resulting differences but was
wrong, introducing the problem.

Fixes: 51ef9af2a35b ("proc: Provide details on speculation flaw mitigations")
Cc: Kees Cook <keescook@...omium.org>
Cc: Gwendal Grignou <gwendal@...omium.org>
Signed-off-by: Guenter Roeck <linux@...ck-us.net>
Acked-by: Kees Cook <keescook@...omium.org>
---
This patch only applies to v4.9.y. v4.4.y also needs to be fixed (see
https://www.spinics.net/lists/stable/msg279131.html), but the fix
is slightly different. v4.14.y and later are not affected.

 fs/proc/array.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

--- a/fs/proc/array.c
+++ b/fs/proc/array.c
@@ -346,8 +346,9 @@ static inline void task_seccomp(struct s
 {
 #ifdef CONFIG_SECCOMP
 	seq_put_decimal_ull(m, "Seccomp:\t", p->seccomp.mode);
+	seq_putc(m, '\n');
 #endif
-	seq_printf(m, "\nSpeculation_Store_Bypass:\t");
+	seq_printf(m, "Speculation_Store_Bypass:\t");
 	switch (arch_prctl_spec_ctrl_get(p, PR_SPEC_STORE_BYPASS)) {
 	case -EINVAL:
 		seq_printf(m, "unknown");

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ