lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <YB5DTUiurAwqZbz1@kroah.com>
Date:   Sat, 6 Feb 2021 08:20:45 +0100
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     Mauro Carvalho Chehab <mchehab+huawei@...nel.org>
Cc:     Tony Battersby <tonyb@...ernetics.com>,
        Jiri Slaby <jirislaby@...nel.org>,
        linux-kernel@...r.kernel.org,
        Jari Ruusu <jariruusu@...tonmail.com>,
        David Laight <David.Laight@...lab.com>,
        Christoph Biedl <linux-kernel.bfrz@...chmal.in-ulm.de>,
        linux-media@...r.kernel.org
Subject: Re: Kernel version numbers after 4.9.255 and 4.4.255

On Fri, Feb 05, 2021 at 07:11:05PM +0100, Mauro Carvalho Chehab wrote:
> Em Fri, 5 Feb 2021 12:31:05 -0500
> Tony Battersby <tonyb@...ernetics.com> escreveu:
> 
> > On 2/4/21 6:00 AM, Jiri Slaby wrote:
> > > Agreed. But currently, sublevel won't "wrap", it will "overflow" to 
> > > patchlevel. And that might be a problem. So we might need to update the 
> > > header generation using e.g. "sublevel & 0xff" (wrap around) or 
> > > "sublevel > 255 : 255 : sublevel" (be monotonic and get stuck at 255).
> > >
> > > In both LINUX_VERSION_CODE generation and KERNEL_VERSION proper.  
> > 
> > My preference would be to be monotonic and get stuck at 255 to avoid
> > breaking out-of-tree modules.  If needed, add another macro that
> > increases the number of bits that can be used to check for sublevels >
> > 255, while keeping the old macros for compatibility reasons.  Since
> > sublevels > 255 have never existed before, any such checks must be
> > newly-added, so they can be required to use the new macros.
> > 
> > I do not run the 4.4/4.9 kernels usually, but I do sometimes test a wide
> > range of kernels from 3.18 (gasp!) up to the latest when bisecting,
> > benchmarking, or debugging problems.  And I use a number of out-of-tree
> > modules that rely on the KERNEL_VERSION to make everything work.  Some
> > out-of-tree modules like an updated igb network driver might be needed
> > to make it possible to test the old kernel on particular hardware.
> > 
> > In the worst case, I can patch LINUX_VERSION_CODE and KERNEL_VERSION
> > locally to make out-of-tree modules work.  Or else just not test kernels
> > with sublevel > 255.
> 
> Overflowing LINUX_VERSION_CODE breaks media applications. Several media
> APIs have an ioctl that returns the Kernel version:
> 
> 	drivers/media/cec/core/cec-api.c:       caps.version = LINUX_VERSION_CODE;
> 	drivers/media/mc/mc-device.c:   info->media_version = LINUX_VERSION_CODE;
> 	drivers/media/v4l2-core/v4l2-ioctl.c:   cap->version = LINUX_VERSION_CODE;
> 	drivers/media/v4l2-core/v4l2-subdev.c:          cap->version = LINUX_VERSION_CODE;

This always struck me as odd, because why can't they just use the
uname(2) syscall instead?

> Those can be used by applications in order to enable some features that
> are available only after certain Kernel versions.
> 
> This is somewhat deprecated, in favor of the usage of some other
> capability fields, but for instance, the v4l2-compliance userspace tool
> have two such checks:
> 
> 	utils/v4l2-compliance/v4l2-compliance.cpp
> 	640:	fail_on_test((vcap.version >> 16) < 3);
> 	641:	if (vcap.version >= 0x050900)  // Present from 5.9.0 onwards
> 
> As far as I remember, all such checks are against major.minor. So,
> something like:
> 
> 	sublevel = (sublevel > 0xff) ? 0xff : sublevel;
> 
> inside KERNEL_VERSION macro should fix such regression at -stable.

I think if we clamp KERNEL_VERSION at 255 we should be fine for anyone
checking this type of thing.  Sasha has posted patches to do this.

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ