lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 30 Mar 2022 01:21:20 -0400
From:   "Jason A. Donenfeld" <Jason@...c4.com>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     Fedor Pchelkin <aissur0002@...il.com>,
        Alexey Khoroshilov <khoroshilov@...ras.ru>,
        Eric Biggers <ebiggers@...nel.org>,
        Christian Brauner <brauner@...nel.org>,
        Alexander Viro <viro@...iv.linux.org.uk>,
        linux-fsdevel <linux-fsdevel@...r.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 4/4] file: Fix file descriptor leak in copy_fd_bitmaps()

Hi Linus,

On Tue, Mar 29, 2022 at 03:18:56PM -0700, Linus Torvalds wrote:
> On Tue, Mar 29, 2022 at 2:02 PM Linus Torvalds
> <torvalds@...ux-foundation.org> wrote:
> >
> > I will apply that ALIGN() thing since Christian could confirm it fixes
> > things, and try to add a few more comments about how bitmaps are
> > fundamentally in chunks of BITS_PER_LONG.
> 
> Ok, applied as commit 1c24a186398f ("fs: fd tables have to be
> multiples of BITS_PER_LONG").

This broke the WireGuard test suite, <https://www.wireguard.com/build-status/>,
on 32-bit archs with a line like:

[+] NS1: wg set wg0 private-key /dev/fd/63 listen-port 1 peer xb6I3yo5N/A9PXGeqSVdMywrogPz82Ug5vWTdqQJRF8= preshared-key /dev/fd/62 allowed-ips 192.168.241.2/32,fd00::2/128
fopen: No such file or directory

Those /dev/fd/63 and /dev/fd/62 are coming from bash process
redirection:

n1 wg set wg0 private-key <(echo "$key1") peer "$pub2" preshared-key <(echo "$psk") allowed-ips 192.168.241.2/32 endpoint 127.0.0.1:2

Peppering some printks, it looks like in `max_fds = ALIGN(max_fds,
BITS_PER_LONG);`, max_fds is sometimes 4294967295 before the call, and
that ALIGN winds up bringing it to 0.

Jason

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ