lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 7 Apr 2022 11:42:41 -0400
From:   Steven Rostedt <rostedt@...dmis.org>
To:     Chuck Lever III <chuck.lever@...cle.com>
Cc:     Stephen Rothwell <sfr@...b.auug.org.au>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Linux Next Mailing List <linux-next@...r.kernel.org>
Subject: Re: linux-next: runtime warning after merge of the cel-fixes tree

On Thu, 7 Apr 2022 15:35:24 +0000
Chuck Lever III <chuck.lever@...cle.com> wrote:

> > --- a/kernel/trace/trace_events.c
> > +++ b/kernel/trace/trace_events.c
> > @@ -392,8 +392,9 @@ static void test_event_printk(struct trace_event_call *call)
> > 			if (!(dereference_flags & (1ULL << arg)))
> > 				goto next_arg;
> > 
> > -			/* Check for __get_sockaddr */;
> > -			if (str_has_prefix(fmt + i, "__get_sockaddr(")) {
> > +			/* Check for __get_sockaddr or __get_dynamic_array */;
> > +			if (str_has_prefix(fmt + i, "__get_sockaddr(") ||
> > +			    str_has_prefix(fmt + i, "__get_dynamic_array(")) {
> > 				dereference_flags &= ~(1ULL << arg);
> > 				goto next_arg;
> > 			}  
> 
> That looks reasonable for present and future kernels.

Actually, I found an issue with the above that will not fix it, but the fix
to that is not that difficult (currently testing it this time).

> 
> We're looking for a solution that can be back-ported to stable,
> however, because the patch Mr. Rothwell had to revert is meant
> to address a NULL pointer deref that was introduced several years
> ago. (Otherwise I would have just used __get_sockaddr() and put
> my pencil down).

I can make a stable version of this patch, as __get_dynamic_array() has
been around for a long time. We could even keep the check for
"__get_sock_addr()" even though it does not exist in older kernels, but
this is just a string check, so that doesn't matter.

> 
> The simplest option is to take a brute-force approach and
> convert the sockaddr to a presentation address with an snprintf()
> call in the TP_fast_assign() arm of the tracepoints. Allow that
> to be carried into -stable as needed; then in v5.19 apply a
> clean-up that converts that mess into a proper __get_sockaddr().
> 
> That way, it stays my issue to address without needing to
> co-ordinate with fixes in other areas.

This change makes the tracing system more robust, which means it's not just
changing to solve an issue with your code. I'm happy to get this working
and backported.

-- Steve

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ