Message-ID: <20240827084202.6a2efzvosdpbc5ll@joelS2.panther.com>
Date: Tue, 27 Aug 2024 10:42:02 +0200
From: Joel Granados <j.granados@...sung.com>
To: Thomas Weißschuh <linux@...ssschuh.net>
CC: Luis Chamberlain <mcgrof@...nel.org>, Kees Cook <kees@...nel.org>,
	<linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v2 1/6] sysctl: avoid spurious permanent empty tables

On Mon, Aug 05, 2024 at 01:51:55PM +0200, Thomas Weißschuh wrote:
> (trimmed recipients to only sysctl maintainers)
> 
> Hi Joel,
> 
> On 2024-08-05 11:39:35+0000, Thomas Weißschuh wrote:
> > The test if a table is a permanently empty one, inspects the address of
> > the registered ctl_table argument.
> > However as sysctl_mount_point is an empty array and does not occupy any
> > space it can end up sharing an address with another object in memory.
> > If that other object itself is a "struct ctl_table" then registering
> > that table will fail as it's incorrectly recognized as permanently empty.
> > 
> > Avoid this issue by adding a dummy element to the array so that it is not
> > empty anymore.
> > Explicitly register the table with zero elements as otherwise the dummy
> > element would be recognized as a sentinel element which would lead to a
> > runtime warning from the sysctl core.
> > 
> > While the issue seems not to be encountered at this time, this seems
> > mostly to be due to luck.
> > Also a future change, constifying sysctl_mount_point and root_table, can
> > reliably trigger this issue on clang 18.
> > 
> > Given that empty arrays are non-standard in the first place it seems
> > prudent to avoid them if possible.
> 
> Unfortunately I forgot to include the following trailers in this patch:
> 
> Reported-by: kernel test robot <oliver.sang@...el.com>
> Closes: https://lore.kernel.org/oe-lkp/202408051453.f638857e-lkp@intel.com
> 
> They will be part of v3 if it comes to that, but if you end up applying
> v2, please do also add those trailers.
> 

This is a bugfix and it should be included in the next release. Please send this
commit separately with the Reported-by tag, I'll make sure that this gets pushed
up for 6.11.

I'll add reviewing the rest of the patchset to my "coming back from PTO"
todolist. But since we are so late in the cycle, it might get bumped to the next
release.

Thx

-- 

Joel Granados
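
Added example, not part of the original message or of the kernel patch: a user-space C sketch of the address-identity problem the quoted commit message describes, with the empty marker beside the one-dummy-element form and an explicit element count. All names (tbl_entry, empty_marker, padded_marker, real_table, is_marker, entries_walked) are hypothetical, and the empty initializer relies on the GNU C extension accepted by gcc and clang.

```c
/* Added illustration, not kernel code; every name here is hypothetical. */
#include <stddef.h>
#include <stdio.h>

struct tbl_entry { const char *name; int mode; };

/* Before: empty array (GNU C extension). sizeof is 0, so the toolchain
 * may give another object the very same address. */
static struct tbl_entry empty_marker[] = { };

/* After: one dummy element gives the marker storage of its own. */
static struct tbl_entry padded_marker[] = { { 0 } };

/* An ordinary table that some caller registers. */
static struct tbl_entry real_table[] = { { "foo", 0644 } };

static size_t empty_marker_size(void)  { return sizeof(empty_marker); }
static size_t padded_marker_size(void) { return sizeof(padded_marker); }

/* Identity test by address, the kind of check the commit message describes. */
static int is_marker(const struct tbl_entry *t, const struct tbl_entry *marker)
{
    return t == marker;
}

/* The element count is explicit, so registering the marker with n == 0
 * never reads its dummy element. Returns the number of entries walked. */
static size_t entries_walked(const struct tbl_entry *t, size_t n)
{
    size_t walked = 0;
    for (size_t i = 0; i < n; i++)
        if (t[i].name)
            walked++;
    return walked;
}

int main(void)
{
    printf("empty marker: %zu bytes, padded marker: %zu bytes\n",
           empty_marker_size(), padded_marker_size());
    /* Layout dependent: nothing forbids this from printing 1. */
    printf("real_table mistaken for empty marker: %d\n",
           is_marker(real_table, empty_marker));
    /* Distinct non-empty objects never share a start address: always 0. */
    printf("real_table mistaken for padded marker: %d\n",
           is_marker(real_table, padded_marker));
    printf("entries walked for marker: %zu\n", entries_walked(padded_marker, 0));
    return 0;
}
```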
