lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 6 May 2024 13:53:56 +0100
From: Jonathan Cameron <jic23@...nel.org>
To: Matti Vaittinen <mazziesaccount@...il.com>
Cc: Matti Vaittinen <matti.vaittinen@...rohmeurope.com>, Lars-Peter Clausen
 <lars@...afoo.de>, linux-iio@...r.kernel.org, linux-kernel@...r.kernel.org,
 Chenyuan Yang <chenyuan0y@...il.com>
Subject: Re: [PATCH v2 0/2] Fix the iio-gts-helpers available times table
 sorting

On Mon, 6 May 2024 08:09:27 +0300
Matti Vaittinen <mazziesaccount@...il.com> wrote:

> On 5/5/24 20:50, Jonathan Cameron wrote:
> > On Tue, 30 Apr 2024 15:44:26 +0300
> > Matti Vaittinen <mazziesaccount@...il.com> wrote:
> >   
> >> Fix the available times table sorting in iio-gts-helpers
> >>
> >> This series contains a fix and test for the sorting of the available times in
> >> IIO-gts helpers. Fix was originally developed and posted by Chenyuan Yang.
> >>
> >> Revision history:
> >> 	v1 => v2:
> >> 	  - Fix the sender for patch 1/2 (Sic!)
> >> 	  - Fix Co-Developed-by tag (drop this from Chenyuan who
> >> 	    is the original author)
> >> 	  - Fix the From: tag as instructed in:
> >> 	    https://www.kernel.org/doc/html/latest/process/submitting-patches.html  
> > 
> > Am I right in thinking this doesn't matter for existing drivers?  
> 
> I think this is right. Only couple of in-tree drivers are using these 
> helpers for now, and all of them sorted the tables already in driver.
> 
> > As such not high priority for back porting?  
> 
> The bug is pretty nasty as it causes invalid memory accesses. Hence I'd 
> like to see this landing in the longterm kernels. It seems to me the GTS 
> helpers got merged in 6.4, so getting the fix backported to 6.6 might 
> make sense.
> 
> > I'll assume that and queue it up for 6.11. If someone shouts I can pull the fix
> > forwards, but then we have the mess of chasing the testing in later.  
> 
> I am sorry Jonathan but I'm not quite sure what you mean by "pulling fix 
> forward", or what is the "mess of chasing the testing in later" :)

Hmm. That was an odd choice of words :)  I just meant that I could send
the fix in the first set of fixes after 6.10-rc1 rather than waiting for 6.11.

For now I'll leave it queued for 6.11 on the basis there are a lot of ways
a driver writer can cause similar out of bounds accesses and they should
notice it not working during testing.  So it 'should' not be a problem to
not rush this in.

J
> 
> > Applied to the togreg branch of iio.git and pushed out as testing for 0-day
> > to poke at it.  
> 
> Thanks! Appreciate your work as always!
> 
> Yours,
> 	-- Matti
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ