| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <c7d9d97b-991c-4b84-a99a-60473f8ce929@kernel.dk> Date: Wed, 4 Sep 2024 07:49:27 -0600 From: Jens Axboe <axboe@...nel.dk> To: Jan Kara <jack@...e.cz>, Yu Kuai <yukuai1@...weicloud.com> Cc: tj@...nel.org, josef@...icpanda.com, paolo.valente@...more.it, mauro.andreolini@...more.it, avanzini.arianna@...il.com, cgroups@...r.kernel.org, linux-block@...r.kernel.org, linux-kernel@...r.kernel.org, yi.zhang@...wei.com, yangerkun@...wei.com, "yukuai (C)" <yukuai3@...wei.com> Subject: Re: [PATCH for-6.12 0/4] block, bfq: fix corner cases related to bfqq merging On 9/4/24 6:29 AM, Jan Kara wrote: > On Wed 04-09-24 09:32:26, Yu Kuai wrote: >> ? 2024/09/03 23:51, Jens Axboe ??: >>> On 9/2/24 7:03 AM, Yu Kuai wrote: >>>> From: Yu Kuai <yukuai3@...wei.com> >>>> >>>> Our syzkaller report a UAF problem(details in patch 1), however it can't >>>> be reporduced. And this set are some corner cases fix that might be >>>> related, and they are found by code review. >>>> >>>> Yu Kuai (4): >>>> block, bfq: fix possible UAF for bfqq->bic with merge chain >>>> block, bfq: choose the last bfqq from merge chain in >>>> bfq_setup_cooperator() >>>> block, bfq: don't break merge chain in bfq_split_bfqq() >>>> block, bfq: use bfq_reassign_last_bfqq() in bfq_bfqq_move() >>>> >>>> block/bfq-cgroup.c | 7 +------ >>>> block/bfq-iosched.c | 17 +++++++++++------ >>>> block/bfq-iosched.h | 2 ++ >>>> 3 files changed, 14 insertions(+), 12 deletions(-) >>> >>> BFQ is effectively unmaintained, and has been for quite a while at >>> this point. I'll apply these, thanks for looking into it, but I think we >>> should move BFQ to an unmaintained state at this point. >> >> Sorry to hear that, we would be willing to take on the responsibility of >> maintaining this code, please let me know if there are any specific >> guidelines or processes we should follow. We do have customers are using >> bfq in downstream kernels, and we are still running lots of test for >> bfq. > > That would be awesome. I don't think there's much of a process to follow > given there's not much happening in BFQ. You can add yourself to > MAINTAINERS file under "BFQ I/O SCHEDULER" entry and then do your best to > keep BFQ alive by fixing bugs and responding to reports :) I'm not sure if > Jens would prefer you'd create your git tree from which he will pull or > whether merging patches is fine - he has to decide. The usual process is that you start actually maintaining it, and after a bit of a track record has been proven, then add the maintainers entry. Too many times people start by adding a maintainers entry and then don't really do anything. Not saying that'd necessarily be the case here, but maintaining first and then adding an entry down the line seems like the better approach. I prefer people sending patches, as there's less risk there for messing it up. Maintaining a git tree may seem easy, but lots of people end up messing it up, particularly as a new maintainer. -- Jens Axboe
Powered by blists - more mailing lists