Message-ID: <20200214163758.455gqh73dhzvbvtv@ca-dmjordan1.us.oracle.com>
Date:   Fri, 14 Feb 2020 11:37:58 -0500
From:   Daniel Jordan <daniel.m.jordan@...cle.com>
To:     Yang Yingliang <yangyingliang@...wei.com>
Cc:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        linux-kernel@...r.kernel.org, stable@...r.kernel.org,
        Herbert Xu <herbert@...dor.apana.org.au>,
        Daniel Jordan <daniel.m.jordan@...cle.com>,
        Sasha Levin <sashal@...nel.org>,
        Steffen Klassert <steffen.klassert@...unet.com>
Subject: Re: [PATCH 4.19 091/195] padata: Remove broken queue flushing

Hello Yang,

On Fri, Feb 14, 2020 at 06:21:47PM +0800, Yang Yingliang wrote:
> On 2020/2/10 20:32, Greg Kroah-Hartman wrote:
> > @@ -501,8 +509,7 @@ static struct parallel_data *padata_alloc_pd(struct padata_instance *pinst,
> >   	timer_setup(&pd->timer, padata_reorder_timer, 0);
> >   	atomic_set(&pd->seq_nr, -1);
> >   	atomic_set(&pd->reorder_objects, 0);
> > -	atomic_set(&pd->refcnt, 0);
> > -	pd->pinst = pinst;
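Review bot: the last removed line of this hunk, `pd->pinst = pinst;` in padata_alloc_pd(), is the only initialisation of pd->pinst visible here, and nothing in the hunk replaces it. Unless another part of this backport assigns pd->pinst before the parallel_data is used, later readers of that field get an unset pointer. Suggest keeping the assignment in the 4.19 version and dropping only the `atomic_set(&pd->refcnt, 0);` line, or also carrying the change that moves the assignment.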
> This patch removes this assignment; it causes a null-ptr-deref when using
> pd->pinst in padata_reorder().

Thanks for reporting.  This change is based on an enhancement in mainline that
moved this assignment but isn't in 4.19:

  bfde23ce200e ("padata: unbind parallel jobs from specific CPUs")

A version of _this_ patch (i.e. remove broken queue flushing) has been posted
for 4.14, 4.9, and 4.4, all of which would likely result in the same issue, so
let's hold off on merging those until I can post fixed versions.

I'll start working on the 4.19 fix now.
