lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <2E3B862D-9B74-44FF-B4F9-C0D7D0030EB9@gmail.com>
Date:   Thu, 17 Aug 2023 20:05:47 -0400
From:   Sishuai Gong <sishuai.system@...il.com>
To:     Steven Rostedt <rostedt@...dmis.org>
Cc:     mhiramat@...nel.org, linux-kernel@...r.kernel.org,
        linux-trace-kernel@...r.kernel.org
Subject: Re: [PATCH] tracefs: avoid setting i_mode to a temp value



> On Aug 17, 2023, at 8:00 PM, Steven Rostedt <rostedt@...dmis.org> wrote:
> 
> On Thu, 17 Aug 2023 19:47:34 -0400
> Sishuai Gong <sishuai.system@...il.com> wrote:
> 
>>> Can you produce this race?  
>> This data race was detected when I was testing the kernel (e.g., fuzzing)
>> but I did not make the attempt to reproduce it.
> 
> Now, I'm curious to what exactly is this fixing? The intermediate value is
> the S_IALLUGO bits cleared. Doesn't that mean that nothing has permission?
> 
> It's not a big deal if that's the case, as it just means things are locked
> down a bit more than normal.
You are right. Even if the intermediate value is read, it is unlikely to cause anything
serious. The reader I observed is acl_permission_check(), which will not be affected
by the race.

> 
> My question is, do we really care, and why should we?
This shouldn’t be a serious problem. Maybe we could consider this patch as an
annotation to the race.

> 
> -- Steve
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ