lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAJuCfpG9o5Z7x6hvPXy-Tfgom31sm4rjAA=f4KiY9pppGRGSHQ@mail.gmail.com>
Date:   Wed, 12 Jan 2022 11:06:30 -0800
From:   Suren Baghdasaryan <surenb@...gle.com>
To:     Eric Biggers <ebiggers@...nel.org>
Cc:     Matthew Wilcox <willy@...radead.org>,
        Johannes Weiner <hannes@...xchg.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Tejun Heo <tj@...nel.org>, Zefan Li <lizefan.x@...edance.com>,
        Ingo Molnar <mingo@...hat.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Juri Lelli <juri.lelli@...hat.com>,
        Vincent Guittot <vincent.guittot@...aro.org>,
        Dietmar Eggemann <dietmar.eggemann@....com>,
        Steven Rostedt <rostedt@...dmis.org>,
        Benjamin Segall <bsegall@...gle.com>,
        Mel Gorman <mgorman@...e.de>,
        Daniel Bristot de Oliveira <bristot@...hat.com>,
        Jonathan Corbet <corbet@....net>,
        "open list:DOCUMENTATION" <linux-doc@...r.kernel.org>,
        LKML <linux-kernel@...r.kernel.org>,
        cgroups mailinglist <cgroups@...r.kernel.org>,
        stable <stable@...r.kernel.org>,
        kernel-team <kernel-team@...roid.com>,
        syzbot <syzbot+cdb5dd11c97cc532efad@...kaller.appspotmail.com>
Subject: Re: [PATCH v3 1/1] psi: Fix uaf issue when psi trigger is destroyed
 while being polled

On Wed, Jan 12, 2022 at 11:04 AM Eric Biggers <ebiggers@...nel.org> wrote:
>
> On Wed, Jan 12, 2022 at 10:53:48AM -0800, Suren Baghdasaryan wrote:
> > On Wed, Jan 12, 2022 at 10:44 AM Eric Biggers <ebiggers@...nel.org> wrote:
> > >
> > > On Wed, Jan 12, 2022 at 10:26:08AM -0800, Suren Baghdasaryan wrote:
> > > > On Wed, Jan 12, 2022 at 10:16 AM Matthew Wilcox <willy@...radead.org> wrote:
> > > > >
> > > > > On Wed, Jan 12, 2022 at 09:49:00AM -0800, Suren Baghdasaryan wrote:
> > > > > > > This happens with the following config:
> > > > > > >
> > > > > > > CONFIG_CGROUPS=n
> > > > > > > CONFIG_PSI=y
> > > > > > >
> > > > > > > With cgroups disabled these functions are defined as non-static but
> > > > > > > are not defined in the header
> > > > > > > (https://elixir.bootlin.com/linux/latest/source/include/linux/psi.h#L28)
> > > > > > > since the only external user cgroup.c is disabled. The cleanest way to
> > > > > > > fix these I think is by doing smth like this in psi.c:
> > > > >
> > > > > A cleaner way to solve these is simply:
> > > > >
> > > > > #ifndef CONFIG_CGROUPS
> > > > > static struct psi_trigger *psi_trigger_create(...);
> > > > > ...
> > > > > #endif
> > > > >
> > > > > I tested this works:
> > > > >
> > > > > $ cat foo5.c
> > > > > static int psi(void *);
> > > > >
> > > > > int psi(void *x)
> > > > > {
> > > > >         return (int)(long)x;
> > > > > }
> > > > >
> > > > > int bar(void *x)
> > > > > {
> > > > >         return psi(x);
> > > > > }
> > > > > $ gcc -W -Wall -O2 -c -o foo5.o foo5.c
> > > > > $ readelf -s foo5.o
> > > > >
> > > > > Symbol table '.symtab' contains 4 entries:
> > > > >    Num:    Value          Size Type    Bind   Vis      Ndx Name
> > > > >      0: 0000000000000000     0 NOTYPE  LOCAL  DEFAULT  UND
> > > > >      1: 0000000000000000     0 FILE    LOCAL  DEFAULT  ABS foo5.c
> > > > >      2: 0000000000000000     0 SECTION LOCAL  DEFAULT    1 .text
> > > > >      3: 0000000000000000     3 FUNC    GLOBAL DEFAULT    1 bar
> > > > >
> > > >
> > > > Thanks Matthew!
> > > > That looks much cleaner. I'll post a separate patch to fix these. My
> > > > main concern was whether it's worth adding more code to satisfy this
> > > > warning but with this approach the code changes are minimal, so I'll
> > > > go ahead and post it shortly.
> > >
> > > Why not simply move the declarations of psi_trigger_create() and
> > > psi_trigger_destroy() in include/linux/psi.h outside of the
> > > '#ifdef CONFIG_CGROUPS' block, to match the .c file?
> >
> > IIRC this was done to avoid another warning that these functions are
> > not used outside of psi.c when CONFIG_CGROUPS=n
> >
>
> What tool gave that warning?

Let me double-check by building it. It has been a while since I
developed the code and I don't want to mislead by making false claims.

>
> - Eric

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ