lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ZyzbQQGEaBRIRYi1@hovoldconsulting.com>
Date: Thu, 7 Nov 2024 16:22:41 +0100
From: Johan Hovold <johan@...nel.org>
To: Greg KH <gregkh@...uxfoundation.org>
Cc: Qiu-ji Chen <chenqiuji666@...il.com>, dtwlin@...il.com,
	elder@...nel.org, greybus-dev@...ts.linaro.org,
	linux-staging@...ts.linux.dev, linux-kernel@...r.kernel.org,
	baijiaju1990@...il.com
Subject: Re: [PATCH v3] staging: greybus: uart: Fix atomicity violation in
 get_serial_info()

On Thu, Nov 07, 2024 at 04:11:00PM +0100, Greg Kroah-Hartman wrote:
> On Thu, Nov 07, 2024 at 07:33:37PM +0800, Qiu-ji Chen wrote:
> > Our static checker found a bug where set_serial_info() uses a mutex, but 
> > get_serial_info() does not. Fortunately, the impact of this is relatively 
> > minor. It doesn't cause a crash or any other serious issues. However, if a 
> > race condition occurs between set_serial_info() and get_serial_info(), 
> > there is a chance that the data returned by get_serial_info() will be 
> > meaningless.
> 
> Trailing whitespace :(
> 
> You should fix your editor to highlight this so it doesn't keep showing
> up.
> 
> > 
> > Signed-off-by: Qiu-ji Chen <chenqiuji666@...il.com>
> > Fixes: 0aad5ad563c8 ("greybus/uart: switch to ->[sg]et_serial()")

> - You have marked a patch with a "Fixes:" tag for a commit that is in an
>   older released kernel, yet you do not have a cc: stable line in the
>   signed-off-by area at all, which means that the patch will not be
>   applied to any older kernel releases.  To properly fix this, please
>   follow the documented rules in the
>   Documentation/process/stable-kernel-rules.rst file for how to resolve
>   this.

The CC-stable tag was left out on purpose (on my request IIRC) as this
is not fixing anything that's really a problem and is basically just
shutting the static checker up.

I believe this was also reflected in the commit message of v2 (even if
"inconsistent" may have been a better word than "meaningless").

Johan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ