| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <MW2PR2101MB1033E52DD9307F9EF15F1E85F1CEA@MW2PR2101MB1033.namprd21.prod.outlook.com>
Date: Mon, 9 Oct 2023 02:38:43 +0000
From: Dan Clash <Dan.Clash@...rosoft.com>
To: Paul Moore <paul@...l-moore.com>, Jens Axboe <axboe@...nel.dk>
CC: "audit@...r.kernel.org" <audit@...r.kernel.org>,
"io-uring@...r.kernel.org" <io-uring@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"brauner@...nel.org" <brauner@...nel.org>
Subject: Re: [EXTERNAL] Re: audit: io_uring openat triggers audit reference
count underflow in worker thread
I retested with the following change as a sanity check:
- BUG_ON(name->refcnt <= 0);
+ BUG_ON(atomic_read(&name->refcnt) <= 0);
checkpatch.pl suggests using WARN_ON_ONCE rather than BUG.
devvm ~ $ ~/linux/scripts/checkpatch.pl --patch ~/io_uring_audit_hang_atomic.patch
WARNING: Do not crash the kernel unless it is absolutely unavoidable
--use WARN_ON_ONCE() plus recovery code (if feasible) instead of BUG() or variants
#28: FILE: fs/namei.c:262:
+ BUG_ON(atomic_read(&name->refcnt) <= 0);
...
refcount_t uses WARN_ON_ONCE.
I can think of three choices:
1. Use atomic_t and remove the BUG line.
2. Use refcount_t and remove the BUG line.
3. Use atomic_t and partially implement the warn behavior of refcount_t.
Choice 1 and 2 seem better than choice 3.
Powered by blists - more mailing lists