lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20200325021327.GJ23230@ZenIV.linux.org.uk>
Date:   Wed, 25 Mar 2020 02:13:27 +0000
From:   Al Viro <viro@...iv.linux.org.uk>
To:     Qian Cai <cai@....pw>
Cc:     Linus Torvalds <torvalds@...ux-foundation.org>,
        linux-fsdevel@...r.kernel.org, LKML <linux-kernel@...r.kernel.org>
Subject: Re: Null-ptr-deref due to "sanitized pathwalk machinery (v4)"

On Tue, Mar 24, 2020 at 09:49:48PM -0400, Qian Cai wrote:

> It does not catch anything at all with the patch,

You mean, oops happens, but neither WARN_ON() is triggered?
Lovely...  Just to make sure: could you slap the same couple
of lines just before
                if (unlikely(!d_can_lookup(nd->path.dentry))) {
in link_path_walk(), just to check if I have misread the trace
you've got?

Does that (+ other two inserts) end up with
	1) some of these WARN_ON() triggered when oops happens or
	2) oops is happening, but neither WARN_ON() triggers or
	3) oops not happening / becoming harder to hit?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ