lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 1 Jan 2020 18:08:46 -0500 From: Arvind Sankar <nivedita@...m.mit.edu> To: Linus Torvalds <torvalds@...ux-foundation.org> Cc: Arvind Sankar <nivedita@...m.mit.edu>, Dominik Brodowski <linux@...inikbrodowski.net>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Al Viro <viro@...iv.linux.org.uk>, youling 257 <youling257@...il.com> Subject: Re: [PATCH] early init: open /dev/console with O_LARGEFILE On Wed, Jan 01, 2020 at 03:01:12PM -0800, Linus Torvalds wrote: > On Wed, Jan 1, 2020 at 2:50 PM Arvind Sankar <nivedita@...m.mit.edu> wrote: > > > > Shouldn't that only affect init though? The getty's it spawns should be > > in their own sessions. > > They *should* be in their own sessions, and clearly this problem > doesn't seem to really affect much anybody else. > > But I think youling has some limited and/or odd init userspace, and I > think it gets confused. > > So my theory is that because of the file descriptor leak, that "forget > the old controlling tty" doesn't happen, and then subsequent tty opens > don't do the right thing. > > Maybe. > > But it's the only real semantic change I can see in that whole patch. > > Linus Ok. If you do end up going with this rather than the revert, one minor nit with the patch -- if somehow the filp_open succeeds but one of the f_dupfd's fails, you still need to do an fput to avoid leaking the reference.
Powered by blists - more mailing lists