lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <alpine.DEB.2.21.2501291541500.56843@angie.orcam.me.uk>
Date: Wed, 29 Jan 2025 16:02:26 +0000 (GMT)
From: "Maciej W. Rozycki" <macro@...am.me.uk>
To: Ivan Kokshaysky <ink@...een.parts>
cc: Richard Henderson <richard.henderson@...aro.org>, 
    Matt Turner <mattst88@...il.com>, Oleg Nesterov <oleg@...hat.com>, 
    Al Viro <viro@...iv.linux.org.uk>, Arnd Bergmann <arnd@...db.de>, 
    "Paul E. McKenney" <paulmck@...nel.org>, 
    Magnus Lindholm <linmag7@...il.com>, linux-alpha@...r.kernel.org, 
    linux-kernel@...r.kernel.org
Subject: Re: [PATCH 0/4] alpha: stack fixes

On Wed, 29 Jan 2025, Ivan Kokshaysky wrote:

> Somehow we got away with it until recently, when we ended up with
> a stack corruption in kernel/smp.c:smp_call_function_single() due to
> its use of 32-byte aligned local data and the compiler doing clever
> things allocating it on the stack.

 Thank you for doing this work.

 I'll review/verify your changes by hand and push them through GCC and
glibc regression testing, which should hopefully pick any fallout without 
having it buried among any intermittent failures, and report back.

 However, would you please cc <stable@...nel.org> with your submission, v2 
presumably, so as to have these changes backported?

 The thing is I find it quite a grave bug being fixed here, which has been 
there for decades and triggering occasionally[1], and it might be the only 
way for users of certain older systems to get a kernel with the fix 
already applied.  As you may have been aware non-BWX Alpha support has 
been removed and while I'm working on bringing it back, it will likely be 
missing support for specific models such as Jensen there will be no kernel 
developer to look after.  So getting an LTS kernel might be the only way 
to get a stable system for some people.

References:

[1] "System fails to boot when CONFIG_SMP=y", 
    <https://bugzilla.kernel.org/show_bug.cgi?id=213143>

  Maciej

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ