lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Sun, 22 Jan 2023 14:56:11 +0100
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     Kees Cook <keescook@...omium.org>
Cc:     SeongJae Park <sj@...nel.org>,
        Seth Jenkins <sethjenkins@...gle.com>,
        Jann Horn <jannh@...gle.com>, stable@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: Please add oops_limit to -stable

On Thu, Jan 19, 2023 at 04:26:55PM -0800, Kees Cook wrote:
> Hi,
> 
> I'd like to ask that the oops_limit series get included in -stable
> releases. It's a recommended defense developed while writing this
> report:
> https://googleprojectzero.blogspot.com/2023/01/exploiting-null-dereferences-in-linux.html
> 
> I've had a few people ask about having it in -stable, for example:
> https://lore.kernel.org/lkml/20230119201023.4003-1-sj@kernel.org
> 
> This is the series:
> 
> 9360d035a579 panic: Separate sysctl logic from CONFIG_SMP
> d4ccd54d28d3 exit: Put an upper limit on how often we can oops
> 9db89b411170 exit: Expose "oops_count" to sysfs
> de92f65719cd exit: Allow oops_limit to be disabled
> 79cc1ba7badf panic: Consolidate open-coded panic_on_warn checks
> 9fc9e278a5c0 panic: Introduce warn_limit
> 8b05aa263361 panic: Expose "warn_count" to sysfs
> 00dd027f721e docs: Fix path paste-o for /sys/kernel/warn_count
> 7535b832c639 exit: Use READ_ONCE() for all oops/warn limit reads
> 
> For v6.1.x they apply cleanly and behave as expected.

All now queued up.

> I'm hoping someone can step up and do backports for v5.15.x and earlier,
> as there appear to be a number of conflicts and I'm swamped with other
> stuff to do. :P

If any distro/release cares about 5.15.y and earlier, I will be glad to
take backports.

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ