lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 29 Aug 2022 10:05:13 +0200
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     Jiri Slaby <jirislaby@...nel.org>
Cc:     Ondrej Mosnacek <omosnace@...hat.com>,
        Linux kernel mailing list <linux-kernel@...r.kernel.org>,
        Linux Stable maillist <stable@...r.kernel.org>,
        Masahiro Yamada <masahiroy@...nel.org>
Subject: Re: [PATCH 5.19 145/365] kbuild: dummy-tools: avoid tmpdir leak in
 dummy gcc

On Mon, Aug 29, 2022 at 09:12:39AM +0200, Jiri Slaby wrote:
> On 27. 08. 22, 10:34, Ondrej Mosnacek wrote:
> > On Sat, Aug 27, 2022 at 9:51 AM Jiri Slaby <jirislaby@...nel.org> wrote:
> > > On 23. 08. 22, 10:00, Greg Kroah-Hartman wrote:
> > > > From: Ondrej Mosnacek <omosnace@...hat.com>
> > > > 
> > > > commit aac289653fa5adf9e9985e4912c1d24a3e8cbab2 upstream.
> > > > 
> > > > When passed -print-file-name=plugin, the dummy gcc script creates a
> > > > temporary directory that is never cleaned up. To avoid cluttering
> > > > $TMPDIR, instead use a static directory included in the source tree.
> > > 
> > > This breaks our (SUSE) use of dummy tools (GCC_PLUGINS became =n). I
> > > will investigate whether this is stable-only and the root cause later.
> > 
> > It looks like both the Greg's generated patch and the final stable
> > commit (d7e676b7dc6a) are missing the addition of the empty
> > plugin-version.h file. It appears in the patch's diffstat, but not in
> > the actual diff. The mainline commit does include the empty file
> > correctly, so it's likely a bug in the stable cherry pick automation.
> 
> Right, this fixed the issue for me:
> --- a/patches.kernel.org/5.19.4-144-kbuild-dummy-tools-avoid-tmpdir-leak-in-dummy-.patch
> +++ b/patches.kernel.org/5.19.4-144-kbuild-dummy-tools-avoid-tmpdir-leak-in-dummy-.patch
> @@ -20,6 +20,8 @@ Signed-off-by: Jiri Slaby <jslaby@...e.cz>
>   scripts/dummy-tools/gcc | 8 ++------
>   1 file changed, 2 insertions(+), 6 deletions(-)
> 
> +diff --git a/scripts/dummy-tools/dummy-plugin-dir/include/plugin-version.h
> b/scripts/dummy-tools/dummy-plugin-dir/include/plugin-version.h
> +new file mode 100644
>  diff --git a/scripts/dummy-tools/gcc b/scripts/dummy-tools/gcc
>  index b2483149bbe5..7db825843435 100755
>  --- a/scripts/dummy-tools/gcc

Ick, looks like a bad interaction between git and quilt, and then back
to git.  I'll manually fix this up and push out a new stable release
with it.

thanks for reporting this!

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ