lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <407fcb3f-4380-e965-d19c-e57990711d3e@kernel.dk>
Date:   Sun, 8 Mar 2020 10:17:33 -0600
From:   Jens Axboe <axboe@...nel.dk>
To:     Hillf Danton <hdanton@...a.com>,
        syzbot <syzbot+889cc963ed79ee90f74f@...kaller.appspotmail.com>
Cc:     akpm@...ux-foundation.org, hannes@...xchg.org,
        linux-block@...r.kernel.org, linux-kernel@...r.kernel.org,
        schatzberg.dan@...il.com, sfr@...b.auug.org.au,
        syzkaller-bugs@...glegroups.com
Subject: Re: general protection fault in __queue_work (2)

On 3/8/20 3:44 AM, Hillf Danton wrote:
> @@ -1208,8 +1211,16 @@ static int __loop_clr_fd(struct loop_dev
>  	 *
>  	 * 3) unlock, del_timer_sync so if timer raced it will be a no-op
>  	 */
> -	loop_unprepare_queue(lo);
>  	spin_lock_irq(&lo->lo_lock);
> +	do {
> +		struct workqueue_struct *wq = lo->workqueue;
> +
> +		lo->workqueue = ERR_PTR(-EINVAL);
> +		spin_unlock_irq(&lo->lo_lock);
> +		destroy_workqueue(wq);
> +		spin_lock_irq(&lo->lo_lock);
> +	} while (0);

This looks highly suspicious, what's the point of this loop?

Also think this series a) might not be fully cooked, and b) really
should have gone through the block tree.

-- 
Jens Axboe

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ