| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAHmME9pZ0TeLR5NExbp88oXfOzcxULbce_GP31wEHcS9oWq+7A@mail.gmail.com>
Date: Thu, 12 May 2022 20:27:52 +0200
From: "Jason A. Donenfeld" <Jason@...c4.com>
To: Lucas De Marchi <lucas.demarchi@...el.com>
Cc: linux-kernel@...r.kernel.org, linux-crypto@...r.kernel.org,
Jann Horn <jannh@...gle.com>,
Kees Cook <keescook@...omium.org>,
Luis Chamberlain <mcgrof@...nel.org>,
linux-fsdevel@...r.kernel.org
Subject: Re: [PATCH 1/2] sysctl: read() must consume poll events, not poll()
Hi Lucas,
On 5/12/22, Lucas De Marchi <lucas.demarchi@...el.com> wrote:
> On Mon, May 02, 2022 at 04:06:01PM +0200, Jason A. Donenfeld wrote:
>>Events that poll() responds to are supposed to be consumed when the file
>>is read(), not by the poll() itself. By putting it on the poll() itself,
>>it makes it impossible to poll() on a epoll file descriptor, since the
>>event gets consumed too early. Jann wrote a PoC, available in the link
>>below.
>>
>>Reported-by: Jann Horn <jannh@...gle.com>
>>Cc: Kees Cook <keescook@...omium.org>
>>Cc: Luis Chamberlain <mcgrof@...nel.org>
>>Cc: linux-fsdevel@...r.kernel.org
>>Link:
>> https://lore.kernel.org/lkml/CAG48ez1F0P7Wnp=PGhiUej=u=8CSF6gpD9J=Oxxg0buFRqV1tA@mail.gmail.com/
>>Signed-off-by: Jason A. Donenfeld <Jason@...c4.com>
>
> It seems to be my bug. This is indeed better. Also, I don't think it's
> unsafe
> to fix it like this neither. If my memory serves (it's what, 10+ years?),
> this
> was only tested and used with poll(), which will continue to work.
You are not correct. Please read the entire thread. This breaks systemd.
Jason
Powered by blists - more mailing lists