Message-ID: <YS+s+XL0xXKGwh9a@kroah.com>
Date:   Wed, 1 Sep 2021 18:40:25 +0200
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     "Eric W. Biederman" <ebiederm@...ssion.com>
Cc:     linux-kernel@...r.kernel.org, stable@...r.kernel.org,
        syzbot+01985d7909f9468f013c@...kaller.appspotmail.com,
        Alexey Gladkov <legion@...nel.org>,
        Sasha Levin <sashal@...nel.org>
Subject: Re: [PATCH 5.10 036/103] ucounts: Increase ucounts reference counter
 before the security hook

On Wed, Sep 01, 2021 at 09:25:25AM -0500, Eric W. Biederman wrote:
> Greg Kroah-Hartman <gregkh@...uxfoundation.org> writes:
> 
> > From: Alexey Gladkov <legion@...nel.org>
> >
> > [ Upstream commit bbb6d0f3e1feb43d663af089c7dedb23be6a04fb ]
> >
> > We need to increment the ucounts reference counter before security_prepare_creds()
> > because this function may fail and abort_creds() will try to decrement
> > this reference.
> 
> Has the conversion of the rlimits to ucounts been backported?
> 
> Semantically the code is an improvement but I don't know of any cases
> where it makes enough of a real-world difference to make it worth
> backporting the code.
> 
> Certainly the ucount/rlimit conversions do not meet the historical
> criteria for backports.  AKA simple obviously correct patches.
> 
> The fact we have been applying fixes for the entire v5.14 stabilization
> period is a testament to the code not quite being obviously correct.
> 
> Without backports the code only affects v5.14 so I have not been
> including a Cc stable on any of the commits.
> 
> So color me very puzzled about what is going on here.

Sasha picked this for some reason, but if you think it should be
dropped, we can easily do so.

thanks,

greg k-h
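
The ordering problem named in the quoted commit message, as a userspace model added here; it is not the kernel patch or code from anyone in this thread. All `*_model` names are hypothetical stand-ins, and the model assumes the error path always drops one reference.

```c
#include <stdio.h>
/* Userspace model only: every name here is hypothetical, not kernel code. */
struct ucounts_model { int refs; };
struct cred_model { struct ucounts_model *ucounts; };
static void get_ucounts_model(struct ucounts_model *u) { u->refs++; }
static void put_ucounts_model(struct ucounts_model *u) { u->refs--; }
/* Error path: unconditionally drops the reference the cred should hold. */
static void abort_creds_model(struct cred_model *c) { put_ucounts_model(c->ucounts); }
/* Stand-in for a security hook that may fail. */
static int hook_model(int fail) { return fail ? -1 : 0; }

/* Ordering described as the problem: hook first, reference afterwards. */
static int prepare_hook_first(struct cred_model *c, struct ucounts_model *u, int fail)
{
    c->ucounts = u;
    if (hook_model(fail) < 0) {
        abort_creds_model(c);   /* drops a reference that was never taken */
        return -1;
    }
    get_ucounts_model(u);
    return 0;
}

/* Ordering the commit message asks for: reference first, then the hook. */
static int prepare_ref_first(struct cred_model *c, struct ucounts_model *u, int fail)
{
    c->ucounts = u;
    get_ucounts_model(u);
    if (hook_model(fail) < 0) {
        abort_creds_model(c);   /* balanced: undoes the get above */
        return -1;
    }
    return 0;
}

/* Count left after one prepare attempt, starting from `start` references. */
int refs_after_prepare(int ref_first, int start, int fail)
{
    struct ucounts_model u = { start };
    struct cred_model c = { NULL };
    (ref_first ? prepare_ref_first : prepare_hook_first)(&c, &u, fail);
    return u.refs;
}

int main(void)
{
    printf("hook fails: hook-first=%d ref-first=%d\n", refs_after_prepare(0, 1, 1), refs_after_prepare(1, 1, 1));
    return 0;
}
```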
