lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 5 Jan 2023 22:22:03 -0800
From:   Kees Cook <keescook@...omium.org>
To:     Thorsten Leemhuis <regressions@...mhuis.info>
Cc:     "regressions@...ts.linux.dev" <regressions@...ts.linux.dev>,
        linux-bcache@...r.kernel.org, LKML <linux-kernel@...r.kernel.org>
Subject: Re: [regression] BugĀ 216785 - "memcpy: detected field-spanning
 write..." warnings with bcache #forregzbot

On Thu, Dec 15, 2022 at 08:11:06AM +0100, Thorsten Leemhuis wrote:
> [Note: this mail contains only information for Linux kernel regression
> tracking. Mails like these contain '#forregzbot' in the subject to make
> then easy to spot and filter out. The author also tried to remove most
> or all individuals from the list of recipients to spare them the hassle.]
> 
> On 08.12.22 15:53, Thorsten Leemhuis wrote:
> > https://bugzilla.kernel.org/show_bug.cgi?id=216785 :
> > 
> >>  Alexandre Pereira 2022-12-07 18:51:55 UTC
> >>
> >> Testing linux kernel 6.1-rc8, I have several kernel erros regarding bcache.
> >>
> >> For context, I have a bcache configuration that is working without issues on 6.0.x and previous versions.
> >>
> >> The errors:
> >>
> >> dez 07 18:33:45 stormtrooper kernel: ------------[ cut here ]------------
> >> dez 07 18:33:45 stormtrooper kernel: memcpy: detected field-spanning write (size 264) of single field "&i->j" at drivers/md/bcache/journal.c:152 (size 240)
> 
> #regzbot inconclusive: stop tracking field-spanning write warnings, they
> come from a new security feature
> 
> https://lore.kernel.org/all/20210727205855.411487-1-keescook@chromium.org/
> 
> Tracking them would cost time I better spend on more important things
> for now

FWIW, I'd find it handy to see these. I've been trying to track and fix
them. To that end, I've just sent out the following patches:

https://lore.kernel.org/lkml/20230106045327.never.413-kees@kernel.org/
https://lore.kernel.org/lkml/20230106053153.never.999-kees@kernel.org/
https://lore.kernel.org/lkml/20230106060229.never.047-kees@kernel.org/
https://lore.kernel.org/lkml/20230106061659.never.817-kees@kernel.org/

Thanks!

-Kees

-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ