lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20210206184926.GA19587@roeck-us.net>
Date:   Sat, 6 Feb 2021 10:49:26 -0800
From:   Guenter Roeck <linux@...ck-us.net>
To:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc:     Willy Tarreau <w@....eu>, linux-kernel@...r.kernel.org,
        akpm@...ux-foundation.org, torvalds@...ux-foundation.org,
        stable@...r.kernel.org, lwn@....net, jslaby@...e.cz,
        shuah@...nel.org, patches@...nelci.org,
        lkft-triage@...ts.linaro.org, pavel@...x.de, jonathanh@...dia.com
Subject: Re: Linux 4.4.256

On Sat, Feb 06, 2021 at 07:13:39PM +0100, Greg Kroah-Hartman wrote:
> On Sat, Feb 06, 2021 at 08:59:42AM -0800, Guenter Roeck wrote:
> > On 2/6/21 5:22 AM, Willy Tarreau wrote:
> > > On Sat, Feb 06, 2021 at 02:11:13PM +0100, Willy Tarreau wrote:
> > >> Something like this looks more robust to me, it will use SUBLEVEL for
> > >> values 0 to 255 and 255 for any larger value:
> > >>
> > >> -	expr $(VERSION) \* 65536 + 0$(PATCHLEVEL) \* 256 + 0$(SUBLEVEL)); \
> > >> +	expr $(VERSION) \* 65536 + 0$(PATCHLEVEL) \* 256 + 255 \* (0$(SUBLEVEL) > 255) + 0$(SUBLEVEL) * (0$(SUBLEVEL \<= 255)); \
> > > 
> > > Bah, I obviously missed a backslash above and forgot spaces around parens.
> > > Here's a tested version:
> > > 
> > > diff --git a/Makefile b/Makefile
> > > index 7d86ad6ad36c..9b91b8815b40 100644
> > > --- a/Makefile
> > > +++ b/Makefile
> > > @@ -1252,7 +1252,7 @@ endef
> > >  
> > >  define filechk_version.h
> > >  	echo \#define LINUX_VERSION_CODE $(shell                         \
> > > -	expr $(VERSION) \* 65536 + 0$(PATCHLEVEL) \* 256 + 0$(SUBLEVEL)); \
> > > +	expr $(VERSION) \* 65536 + 0$(PATCHLEVEL) \* 256 + 255 \* \( 0$(SUBLEVEL) \> 255 \) + 0$(SUBLEVEL) \* \( 0$(SUBLEVEL) \<= 255 \) ); \
> > >  	echo '#define KERNEL_VERSION(a,b,c) (((a) << 16) + ((b) << 8) + (c))'
> > >  endef
> > >  
> > 
> > I like that version.
> 
> See the patch that Sasha queued up already, it just fixes it at 255 for
> now, and we will update with what is in Linus's tree like the above when
> that gets merged in 5.12-rc1.
> 
> > Two questions: Are there any concerns that KERNEL_VERSION(4, 4, 256)
> > matches KERNEL_VERSION(4, 5. 0),
> 
> As that "release" did nothing, no, I'm not too worried about it, are
> you?
> 
There are lots (35) of "KERNEL_VERSION(4, 5, 0)" in chromeos-4.4.
That should not matter with the clamped LINUX_VERSION_CODE, but
I'd prefer to clamp KERNEL_VERSION as well just to be sure. On
top of that, some of the vendor code we carry along does check
SUBVERSION, but that is probably more of an academic concern.

> > and do you plan to send this patch upstream ?
> 
> See the series sent upstream here: https://lore.kernel.org/r/20210206035033.2036180-1-sashal@kernel.org
> 
I backported the relevant patch into chromeos-4.4, so we should
be fine.

Thanks!
Guenter

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ