| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <c0d99436-28a0-d012-646d-251a9511e76f@oracle.com>
Date: Mon, 27 Feb 2023 14:59:38 -0500
From: George Kennedy <george.kennedy@...cle.com>
To: Linux regressions mailing list <regressions@...ts.linux.dev>
Cc: Thomas Weißschuh <linux@...ssschuh.net>,
Jiri Slaby <jirislaby@...nel.org>,
linux-kernel@...r.kernel.org, Randy Dunlap <rdunlap@...radead.org>,
Storm Dragon <stormdragon2976@...il.com>,
Linus Torvalds <torvalds@...ux-foundation.org>,
sfr@...b.auug.org.au, akpm@...ux-foundation.org,
linux-serial@...r.kernel.org,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: Re: [PATCH] vc_screen: don't clobber return value in vcs_read
Hello Thomas,
On 2/27/2023 9:20 AM, Linux regression tracking (Thorsten Leemhuis) wrote:
> Hi, this is your Linux kernel regression tracker. Top-posting for once,
> to make this easily accessible to everyone.
>
> George, is there anything we can do to help you moving forward to
> finally get this regression fixed? It seems (or am I missing something?)
> everyone is waiting for you (see below) to act on the feedback Jiri
> provided here:
>
> https://lore.kernel.org/lkml/8dffe187-240d-746e-ed84-885ffd2785f6@kernel.org/
>
> Side note: would be good to add a "Link:" tag pointing to the start of
> this thread as well, but that's just a detail.
I just sent the requested patch up for review.
https://lore.kernel.org/lkml/1677527001-17459-1-git-send-email-george.kennedy@oracle.com/
Last post on the previous patch that led to the requested patch:
https://lore.kernel.org/lkml/9e297f30-dc8c-ecac-f7a6-348ddbd4b928@leemhuis.info/
Thank you,
George
>
> Ciao, Thorsten (wearing his 'the Linux kernel's regression tracker' hat)
> --
> Everything you wanna know about Linux kernel regression tracking:
> https://linux-regtracking.leemhuis.info/about/#tldr
> If I did something stupid, please tell me, as explained on that page.
>
> On 21.02.23 14:50, Greg Kroah-Hartman wrote:
>> On Tue, Feb 21, 2023 at 08:30:11AM -0500, George Kennedy wrote:
>>> On 2/20/2023 11:34 AM, Thomas Weißschuh wrote:
>>>> +Cc people who were involved in the original thread.
>>>>
>>>> On Mon, Feb 20, 2023 at 12:48:59PM +0100, Jiri Slaby wrote:
>>>>> On 20. 02. 23, 7:46, linux@...ssschuh.net wrote:
>>>>>> From: Thomas Weißschuh <linux@...ssschuh.net>
>>>>>>
>>>>>> Commit 226fae124b2d
>>>>>> ("vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF")
>>>>>> moved the call to vcs_vc() into the loop.
>>>>>> While doing this it also moved the unconditional assignment of
>>>>>> "ret = -ENXIO".
>>>>>> This unconditional assignment was valid outside the loop but within it
>>>>>> it clobbers the actual value of ret.
>>>>>>
>>>>>> To avoid this only assign "ret = -ENXIO" when actually needed.
>>>>> Not sure -- I cannot find it -- but hasn't George fixed this yet?
>>>> Indeed there was a proposed fix at
>>>> https://lore.kernel.org/lkml/1675704844-17228-1-git-send-email-george.kennedy@oracle.com/
>>>>
>>>> Linus had some suggestions so it was not applied as is.
>>>>
>>>> I'm not sure what the current state is.
>>>> George, do you have something in the pipeline?
>>> Yes, that is in the pipeline:
>>> https://lore.kernel.org/lkml/1675774098-17722-1-git-send-email-george.kennedy@oracle.com/
>>>
>>> Linus suggested the fix, which was tested and submitted.
>>>
>>> Jiri commented on the patch, which I believe was directed at Linus as he
>>> suggested the fix.
>> And I was waiting for a new version from you based on those comments :(
>>
>> Can you fix that up and send?
>>
>> thanks,
>>
>> greg k-h
> #regzbot monitor:
> https://lore.kernel.org/lkml/1675774098-17722-1-git-send-email-george.kennedy@oracle.com/
> #regzbot poke
Powered by blists - more mailing lists