lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 12 May 2022 20:27:52 +0200 From: "Jason A. Donenfeld" <Jason@...c4.com> To: Lucas De Marchi <lucas.demarchi@...el.com> Cc: linux-kernel@...r.kernel.org, linux-crypto@...r.kernel.org, Jann Horn <jannh@...gle.com>, Kees Cook <keescook@...omium.org>, Luis Chamberlain <mcgrof@...nel.org>, linux-fsdevel@...r.kernel.org Subject: Re: [PATCH 1/2] sysctl: read() must consume poll events, not poll() Hi Lucas, On 5/12/22, Lucas De Marchi <lucas.demarchi@...el.com> wrote: > On Mon, May 02, 2022 at 04:06:01PM +0200, Jason A. Donenfeld wrote: >>Events that poll() responds to are supposed to be consumed when the file >>is read(), not by the poll() itself. By putting it on the poll() itself, >>it makes it impossible to poll() on a epoll file descriptor, since the >>event gets consumed too early. Jann wrote a PoC, available in the link >>below. >> >>Reported-by: Jann Horn <jannh@...gle.com> >>Cc: Kees Cook <keescook@...omium.org> >>Cc: Luis Chamberlain <mcgrof@...nel.org> >>Cc: linux-fsdevel@...r.kernel.org >>Link: >> https://lore.kernel.org/lkml/CAG48ez1F0P7Wnp=PGhiUej=u=8CSF6gpD9J=Oxxg0buFRqV1tA@mail.gmail.com/ >>Signed-off-by: Jason A. Donenfeld <Jason@...c4.com> > > It seems to be my bug. This is indeed better. Also, I don't think it's > unsafe > to fix it like this neither. If my memory serves (it's what, 10+ years?), > this > was only tested and used with poll(), which will continue to work. You are not correct. Please read the entire thread. This breaks systemd. Jason
Powered by blists - more mailing lists