lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20230704142846.524daa14ff921ed7eb534594@linux-foundation.org>
Date:   Tue, 4 Jul 2023 14:28:46 -0700
From:   Andrew Morton <akpm@...ux-foundation.org>
To:     Suren Baghdasaryan <surenb@...gle.com>
Cc:     Greg KH <gregkh@...uxfoundation.org>,
        Linux regressions mailing list <regressions@...ts.linux.dev>,
        Bagas Sanjaya <bagasdotme@...il.com>,
        Jacob Young <jacobly.alt@...il.com>,
        Laurent Dufour <ldufour@...ux.ibm.com>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Linux Memory Management <linux-mm@...ck.org>,
        Linux PowerPC <linuxppc-dev@...ts.ozlabs.org>,
        Linux ARM <linux-arm-kernel@...ts.infradead.org>
Subject: Re: Fwd: Memory corruption in multithreaded user space program
 while calling fork

On Tue, 4 Jul 2023 13:22:54 -0700 Suren Baghdasaryan <surenb@...gle.com> wrote:

> On Tue, Jul 4, 2023 at 9:18 AM Andrew Morton <akpm@...ux-foundation.org> wrote:
> >
> > On Tue, 4 Jul 2023 09:00:19 +0100 Greg KH <gregkh@...uxfoundation.org> wrote:
> >
> > > > > > > Thanks! I'll investigate this later today. After discussing with
> > > > > > > Andrew, we would like to disable CONFIG_PER_VMA_LOCK by default until
> > > > > > > the issue is fixed. I'll post a patch shortly.
> > > > > >
> > > > > > Posted at: https://lore.kernel.org/all/20230703182150.2193578-1-surenb@google.com/
> > > > >
> > > > > As that change fixes something in 6.4, why not cc: stable on it as well?
> > > >
> > > > Sorry, I thought since per-VMA locks were introduced in 6.4 and this
> > > > patch is fixing 6.4 I didn't need to send it to stable for older
> > > > versions. Did I miss something?
> > >
> > > 6.4.y is a stable kernel tree right now, so yes, it needs to be included
> > > there :)
> >
> > I'm in wait-a-few-days-mode on this.  To see if we have a backportable
> > fix rather than disabling the feature in -stable.
> 
> Ok, I think we have a fix posted at [2]  and it's cleanly applies to
> 6.4.y stable branch as well. However fork() performance might slightly
> regress, therefore disabling per-VMA locks by default for now seems to
> be preferable even with this fix (see discussion at
> https://lore.kernel.org/all/54cd9ffb-8f4b-003f-c2d6-3b6b0d2cb7d9@google.com/).
> IOW, both [1] and [2] should be applied to 6.4.y stable. Both apply
> cleanly and I CC'ed stable on [2]. Greg, should I send [1] separately
> to stable@...r?
> 
> [1] https://lore.kernel.org/all/20230703182150.2193578-1-surenb@google.com/

This one isn't sufficient for .configs which already have
PER_VMA_LOCK=y.  Using `depends on BROKEN' would be better.

> [2] https://lore.kernel.org/all/20230704200656.2526715-1-surenb@google.com/
> 

We're still awaiting tester input on this?

I think a clean new fully-changelogged two-patch series would be the
best way to handle this.  Please ensure that the [0/2] intro clearly
explains what we're proposing here, and why.

Also, "might slightly regress" is a bit weak.  These things are
measurable, no?  Because a better solution would be to fix 6.4.x and
mainline and leave it at that.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ