lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <70764773-ee94-869c-4a08-1810789db2e9@gmx.de>
Date:   Mon, 9 Jan 2023 12:48:03 +0100
From:   Helge Deller <deller@....de>
To:     Daniel Vetter <daniel@...ll.ch>
Cc:     Linus Torvalds <torvalds@...ux-foundation.org>,
        linux-kernel@...r.kernel.org, linux-fbdev@...r.kernel.org,
        dri-devel@...ts.freedesktop.org
Subject: Re: [GIT PULL] fbdev fixes for v6.2-rc3

On 1/9/23 11:26, Daniel Vetter wrote:
> On Thu, 5 Jan 2023 at 11:22, Daniel Vetter <daniel@...ll.ch> wrote:
>>
>> On Thu, 5 Jan 2023 at 09:14, Helge Deller <deller@....de> wrote:
>>>
>>> Hi Linus,
>>>
>>> please pull the fbdev driver updates for 6.2-rc3, to receive
>>> fixes for matroxfb, offb, omapfb and fbmem.
>>>
>>> Thanks,
>>> Helge
>>>
>>> ----
>>>
>>> The following changes since commit 1b929c02afd37871d5afb9d498426f83432e71c2:
>>>
>>>    Linux 6.2-rc1 (2022-12-25 13:41:39 -0800)
>>>
>>> are available in the Git repository at:
>>>
>>>    http://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev.git tags/fbdev-for-6.2-rc3
>>>
>>> for you to fetch changes up to 764043cccd7232a783753a612d628fc0cb7854be:
>>>
>>>    fbdev: omapfb: avoid stack overflow warning (2023-01-04 19:09:40 +0100)
>>>
>>> ----------------------------------------------------------------
>>> fbdev updates for kernel 6.2-rc3:
>>>
>>> - Fix Matrox G200eW initialization failure
>>> - Fix build failure of offb driver when built as module
>>> - Optimize stack usage in omapfb
>>> - Prevent use-after-free in fbmem
>>>
>>> ----------------------------------------------------------------
>>> Arnd Bergmann (1):
>>>        fbdev: omapfb: avoid stack overflow warning
>>>
>>> Hang Zhang (1):
>>>        fbdev: fbmem: prevent potential use-after-free issues with console_lock()
>>
>> I looked at this, and even by fbdev locking standards this makes
>> absolutely no sense to me. I think this should be dropped before we've
>> reached some sort of conclusion on what is going on, or whether this
>> is just pure static checker conjecture without fully understanding how
>> this is supposed to work really.
>
> Just to close this: Turned out to be some kind of static checker dud
> (and unfortunately the commit message didn't even explain that it was
> found through some undisclosed static checker, I asked the submitter
> to rectify this going forward since they'll likely submit more stuff
> like this).
> -Daniel

Thank you, Daniel!

Helge

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ