| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 15 Jun 2023 09:43:34 +0800 From: Xia Fukun <xiafukun@...wei.com> To: Greg KH <gregkh@...uxfoundation.org> CC: <prajnoha@...hat.com>, <linux-kernel@...r.kernel.org> Subject: Re: [PATCH v7] kobject: Fix global-out-of-bounds in kobject_action_type() On 2023/6/15 4:09, Greg KH wrote: > > How did you test it? How have you verified that the previous failures > were caught this time? > My testing method is to apply the patch, compile the kernel image, and start the QEMU virtual machine. Then compile and execute the code mentioned in the patch that triggers out-of-bounds issues. In addition, the following operations will be performed to verify the functions mentioned by Peter Rajnoha <prajnoha@...hat.com>: # echo "add fe4d7c9d-b8c6-4a70-9ef1-3d8a58d18eed A=1 B=abc" > /sys/block/ram0/uevent # udevadm monitor --kernel --env monitor will print the received events for: KERNEL - the kernel uevent KERNEL[189.376386] add /devices/virtual/block/ram0 (block) ACTION=add DEVPATH=/devices/virtual/block/ram0 SUBSYSTEM=block SYNTH_UUID=fe4d7c9d-b8c6-4a70-9ef1-3d8a58d18eed SYNTH_ARG_A=1 SYNTH_ARG_B=abc DEVNAME=/dev/ram0 DEVTYPE=disk DISKSEQ=14 SEQNUM=3781 MAJOR=1 MINOR=0 > You can understand my hesitancy here, right? > > thanks, > > greg k-h I am not sure which experts can help review this patch, as I can only find a limited number of people through the git blame command.
Powered by blists - more mailing lists