| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAG48ez29d-JJOw8XMp1Z=7sDj8Kvmt+9KXC9-ux-0OBhUP02Xg@mail.gmail.com>
Date: Wed, 8 Apr 2020 11:48:22 +0200
From: Jann Horn <jannh@...gle.com>
To: stable <stable@...r.kernel.org>,
Ben Hutchings <ben@...adent.org.uk>
Cc: kernel list <linux-kernel@...r.kernel.org>,
Peter Zijlstra <peterz@...radead.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Sasha Levin <sashal@...nel.org>,
linux-fsdevel <linux-fsdevel@...r.kernel.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: backport request for 3.16 [was: Re: [PATCH AUTOSEL 5.4 30/73] futex:
Fix inode life-time issue]
@Ben: You'll probably also want to take these two into the next 3.16 release.
Sorry, I forgot that 3.16 has a different maintainer...
On Mon, Mar 23, 2020 at 8:18 PM Jann Horn <jannh@...gle.com> wrote:
>
> On Wed, Mar 18, 2020 at 9:54 PM Sasha Levin <sashal@...nel.org> wrote:
> >
> > From: Peter Zijlstra <peterz@...radead.org>
> >
> > [ Upstream commit 8019ad13ef7f64be44d4f892af9c840179009254 ]
> >
> > As reported by Jann, ihold() does not in fact guarantee inode
> > persistence. And instead of making it so, replace the usage of inode
> > pointers with a per boot, machine wide, unique inode identifier.
> >
> > This sequence number is global, but shared (file backed) futexes are
> > rare enough that this should not become a performance issue.
>
> Please also take this patch, together with
> 8d67743653dce5a0e7aa500fcccb237cde7ad88e "futex: Unbreak futex
> hashing", into the older stable branches. This has to go all the way
> back; as far as I can tell, the bug already existed at the beginning
> of git history.
Powered by blists - more mailing lists