lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <0537f532-1499-f644-2c91-ad91da7901df@gmail.com>
Date:   Sun, 4 Oct 2020 20:55:29 +0530
From:   Anant Thazhemadam <anant.thazhemadam@...il.com>
To:     Al Viro <viro@...iv.linux.org.uk>
Cc:     Eric Biggers <ebiggers@...nel.org>, linux-fsdevel@...r.kernel.org,
        linux-kernel-mentees@...ts.linuxfoundation.org,
        Greg KH <gregkh@...uxfoundation.org>,
        syzbot+4191a44ad556eacc1a7a@...kaller.appspotmail.com,
        linux-kernel@...r.kernel.org
Subject: Re: [Linux-kernel-mentees] [PATCH] fs: fix KMSAN uninit-value bug by
 initializing nd in do_file_open_root


On 20-09-2020 01:47, Anant Thazhemadam wrote:
> On 19-09-2020 17:03, Anant Thazhemadam wrote:
>> On 19-09-2020 22:25, Al Viro wrote:
>>> On Sat, Sep 19, 2020 at 05:17:27PM +0100, Al Viro wrote:
>>>
>>>> Lovely...  That would get an empty path and non-directory for a starting
>>>> point, but it should end up with LAST_ROOT in nd->last_type.  Which should
>>>> not be able to reach the readers of those fields...  Which kernel had
>>>> that been on?
>>> Yecchhh...  I see what's going on; I suspect that this ought to be enough.
>>> Folks, could somebody test it on the original reproducer setup?
>> Sure. I can do that.
> Looks like this patch actually fixes this bug.
> I made syzbot test the patch, and no issues were triggered!
>
> Note:    syzbot tested the patch with the KMSAN kernel, which
> was recently rebased on v5.9-rc4.
>
> Thanks,
> Anant

Ping.
Has the patch that was tested been applied to any tree yet?
If yes, could someone please let me know the commit details, so we can close
the issue? (Unfortunately, I was unable to find it. :( )

Thanks,
Anant

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ