Message-Id: <20240502222252.work.690-kees@kernel.org>
Date: Thu, 2 May 2024 15:33:35 -0700
From: Kees Cook <keescook@...omium.org>
To: Christian Brauner <brauner@...nel.org>,
Will Deacon <will@...nel.org>
Cc: Kees Cook <keescook@...omium.org>,
Al Viro <viro@...iv.linux.org.uk>,
Jan Kara <jack@...e.cz>,
Zack Rusin <zack.rusin@...adcom.com>,
Broadcom internal kernel review list <bcm-kernel-feedback-list@...adcom.com>,
Maarten Lankhorst <maarten.lankhorst@...ux.intel.com>,
Maxime Ripard <mripard@...nel.org>,
Thomas Zimmermann <tzimmermann@...e.de>,
David Airlie <airlied@...il.com>,
Daniel Vetter <daniel@...ll.ch>,
Jani Nikula <jani.nikula@...ux.intel.com>,
Joonas Lahtinen <joonas.lahtinen@...ux.intel.com>,
Rodrigo Vivi <rodrigo.vivi@...el.com>,
Tvrtko Ursulin <tursulin@...ulin.net>,
Andi Shyti <andi.shyti@...ux.intel.com>,
Lucas De Marchi <lucas.demarchi@...el.com>,
Matt Atwood <matthew.s.atwood@...el.com>,
Matthew Auld <matthew.auld@...el.com>,
Nirmoy Das <nirmoy.das@...el.com>,
Jonathan Cavitt <jonathan.cavitt@...el.com>,
Peter Zijlstra <peterz@...radead.org>,
Boqun Feng <boqun.feng@...il.com>,
Mark Rutland <mark.rutland@....com>,
Kent Overstreet <kent.overstreet@...ux.dev>,
Masahiro Yamada <masahiroy@...nel.org>,
Nathan Chancellor <nathan@...nel.org>,
Nicolas Schier <nicolas@...sle.eu>,
Andrew Morton <akpm@...ux-foundation.org>,
linux-kernel@...r.kernel.org,
linux-fsdevel@...r.kernel.org,
dri-devel@...ts.freedesktop.org,
intel-gfx@...ts.freedesktop.org,
linux-kbuild@...r.kernel.org,
linux-hardening@...r.kernel.org
Subject: [PATCH 0/5] fs: Do not allow get_file() to resurrect 0 f_count
Hi,

Failures with f_count reference counting are better contained by
an actual reference counting type, like refcount_t. The first step
is for get_file() to use inc_not_zero to avoid resurrection. I also
found a couple open-coded modifications of f_count that should be using
get_file(). Since long ago, f_count was switched to atomic_long_t, so to
get proper reference count checking, I've added a refcount_long_t API,
and then converted f_count to refcount_long_t.

Now if there are underflows (or somehow an overflow), we'll see them
reported.

-Kees

Kees Cook (5):
  fs: Do not allow get_file() to resurrect 0 f_count
  drm/vmwgfx: Do not directly manipulate file->f_count
  drm/i915: Do not directly manipulate file->f_count
  refcount: Introduce refcount_long_t and APIs
  fs: Convert struct file::f_count to refcount_long_t

 MAINTAINERS                           |   2 +-
 Makefile                              |  11 +-
 drivers/gpu/drm/i915/gt/shmem_utils.c |   5 +-
 drivers/gpu/drm/vmwgfx/ttm_object.c   |   2 +-
 fs/file.c                             |   4 +-
 fs/file_table.c                       |   6 +-
 include/linux/fs.h                    |   7 +-
 include/linux/refcount-impl.h         | 344 ++++++++++++++++++++++++++
 include/linux/refcount.h              | 341 +------------------------
 include/linux/refcount_types.h        |  12 +
 lib/refcount.c                        |  17 +-
 11 files changed, 398 insertions(+), 353 deletions(-)
 create mode 100644 include/linux/refcount-impl.h
--
2.34.1
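
Added example (not part of the original message or the patch series): a userspace C11 model of what "resurrection" means for a count that has already dropped to zero, comparing an unconditional increment with an inc_not_zero style acquire. struct model_file and all helper names are hypothetical stand-ins, not the kernel's struct file, get_file() or refcount API.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdio.h>

/* Userspace model only: "struct model_file" and all helpers are hypothetical
 * stand-ins, not the kernel's struct file, get_file() or refcount API. */
struct model_file { atomic_long f_count; };

/* Unconditional increment: happily turns 0 back into 1 (resurrection). */
static long get_unchecked(struct model_file *f)
{
    return atomic_fetch_add(&f->f_count, 1) + 1;
}

/* inc_not_zero: take a reference only while the object is still live. */
static bool get_not_zero(struct model_file *f)
{
    long old = atomic_load(&f->f_count);
    do {
        if (old == 0)
            return false;   /* already released; caller must not touch it */
    } while (!atomic_compare_exchange_weak(&f->f_count, &old, old + 1));
    return true;
}

/* Drop a reference; returns true when the caller dropped the last one. */
static bool put_ref(struct model_file *f)
{
    return atomic_fetch_sub(&f->f_count, 1) == 1;
}

/* Returns the count after a late get on an already-released object. */
static long late_get_count(bool checked)
{
    struct model_file f;
    atomic_init(&f.f_count, 1);
    put_ref(&f);                       /* count 1 -> 0, object is dead */
    if (checked)
        get_not_zero(&f);              /* refused, count stays 0 */
    else
        get_unchecked(&f);             /* count 0 -> 1, dead object revived */
    return atomic_load(&f.f_count);
}

int main(void)
{
    printf("unchecked late get -> count %ld\n", late_get_count(false));
    printf("inc_not_zero late get -> count %ld\n", late_get_count(true));
    return 0;
}
```

In the unchecked case the count reads 1 for an object whose last reference was already dropped, which is the use-after-free precondition the series closes off; the checked acquire leaves it at 0 and tells the caller it failed.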