lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 28 Feb 2024 08:59:36 +0900
From: Dominique Martinet <asmadeus@...ewreck.org>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: stable@...r.kernel.org, patches@...ts.linux.dev,
	linux-kernel@...r.kernel.org, torvalds@...ux-foundation.org,
	akpm@...ux-foundation.org, linux@...ck-us.net, shuah@...nel.org,
	patches@...nelci.org, lkft-triage@...ts.linaro.org, pavel@...x.de,
	jonathanh@...dia.com, f.fainelli@...il.com,
	sudipm.mukherjee@...il.com, srw@...dewatkins.net, rwarsow@....de,
	conor@...nel.org, allen.lkml@...il.com
Subject: Re: [PATCH 5.10 000/122] 5.10.211-rc1 review

Greg Kroah-Hartman wrote on Tue, Feb 27, 2024 at 02:26:01PM +0100:
> Kees Cook <keescook@...omium.org>
>     net: dev: Convert sa_data to flexible array in struct sockaddr
> (ca13c2b1e9e4b5d982c2f1e75f28b1586e5c0f7f in this tree,
> b5f0de6df6dce8d641ef58ef7012f3304dffb9a1 upstream)

This commit breaks build of some 3rd party wireless module we use here
(because sizeof(sa->sa_data) no longer works and needs to use
sa_data_min)
With that said I guess it really is a dependency on the arp_req_get
overflow, so probably necessary evil, and I don't think we explicitly
pretend to preserve APIs for 3rd party modules so this is probably
fine... The new warnings that poped up (and were reported in other
messages) a probably worth checking though.


That aside no particular problem actually running this, so--
Tested 5d69d611e74d ("Linux 5.10.211-rc1") on:
- arm i.MX6ULL (Armadillo 640)
- arm64 i.MX8MP (Armadillo G4)

No obvious regression in dmesg or basic tests:
Tested-by: Dominique Martinet <dominique.martinet@...ark-techno.com>

-- 
Dominique Martinet | Asmadeus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ