lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Fri, 14 Aug 2020 14:07:07 -0300
From:   Jason Gunthorpe <>
To:     Jack Leadford <>
Cc:     Joe Perches <>, Leon Romanovsky <>,
        Greg Kroah-Hartman <>,
        Peilin Ye <>,
        Santosh Shilimkar <>,
        "David S. Miller" <>,
        Jakub Kicinski <>,
        Dan Carpenter <>,
        Arnd Bergmann <>,,,,,
Subject: Re: [Linux-kernel-mentees] [PATCH net] rds: Prevent kernel-infoleak
 in rds_notify_queue_get()

On Sat, Aug 08, 2020 at 03:57:33PM -0700, Jack Leadford wrote:
> Hello!
> Thanks to Jason for getting this conversation back on track.
> Yes: in general, {} or a partial initializer /will/ zero padding bits.
> However, there is a bug in some versions of GCC where {} will /not/ zero
> padding bits; actually, Jason's test program in this mail
> has the right ingredients to trigger the bug, but the GCC
> versions used are outside of the bug window. :)

It seems fine, at least Godbolt doesn't show a bug with that code.

Can you share the test that does fail?

This seems like the sort of security sensitive bug that should be
addressed in gcc, not worked around in the kernel code :\


Powered by blists - more mailing lists