lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <6pfbsqikuizxezhevr2ltp6lk6vqbbmgomwbgqfz256osjwky5@irmbenbudp2s>
Date: Thu, 3 Apr 2025 19:21:24 +0200
From: Mateusz Guzik <mjguzik@...il.com>
To: James Bottomley <James.Bottomley@...senpartnership.com>
Cc: Christian Brauner <brauner@...nel.org>, 
	Leon Romanovsky <leon@...nel.org>, Linus Torvalds <torvalds@...ux-foundation.org>, 
	pr-tracker-bot@...nel.org, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [GIT PULL] vfs mount

On Thu, Apr 03, 2025 at 11:34:34AM -0400, James Bottomley wrote:
> On Thu, 2025-04-03 at 17:15 +0200, Christian Brauner wrote:
> > On Thu, Apr 03, 2025 at 10:29:37AM +0200, Christian Brauner wrote:
> > > On Tue, Apr 01, 2025 at 08:07:15PM +0300, Leon Romanovsky wrote:
> > > > On Mon, Mar 24, 2025 at 09:00:59PM +0000,
> > > > pr-tracker-bot@...nel.org wrote:
> > > > > The pull request you sent on Sat, 22 Mar 2025 11:13:18 +0100:
> > > > > 
> > > > > > git@...olite.kernel.org:pub/scm/linux/kernel/git/vfs/vfs
> > > > > > tags/vfs-6.15-rc1.mount
> > > > > 
> > > > > has been merged into torvalds/linux.git:
> > > > > https://git.kernel.org/torvalds/c/fd101da676362aaa051b4f5d8a941bd308603041
> > > > 
> > > > I didn't bisect, but this PR looks like the most relevant
> > > > candidate.
> > > > The latest Linus's master generates the following slab-use-after-
> > > > free:
> > > 
> > > Sorry, did just see this today. I'll take a look now.
> > 
> > So in light of "Liberation Day" and the bug that caused this splat
> > it's
> > time to quote Max Liebermann:
> > 
> > "Ich kann nicht so viel fressen, wie ich kotzen möchte."
> 
> > --- a/fs/namespace.c
> > +++ b/fs/namespace.c
> > @@ -2478,7 +2478,8 @@ struct vfsmount *clone_private_mount(const
> > struct path *path)
> >  	struct mount *old_mnt = real_mount(path->mnt);
> >  	struct mount *new_mnt;
> >  
> > -	scoped_guard(rwsem_read, &namespace_sem)
> > +	guard(rwsem_read, &namespace_sem);
> > +
> >  	if (IS_MNT_UNBINDABLE(old_mnt))
> >  		return ERR_PTR(-EINVAL);
> > 
> 
> Well that's a barfworthy oopsie, yes.  However, it does strike me as an
> easy one to make for a lot of these cleanup.h things since we have a
> lot of scoped and unscoped variants.  We should, at least, get
> checkpatch to issue a warning about indentation expectations as it does
> for our other scoped statements like for, while, if etc.
> 

I think this is too easy of a mistake to make to try to detect in
checkpatch.

I would argue it would be best if a language wizard came up with a way
to *demand* explicit use of { } and fail compilation if not present.

This would also provide a nice side effect of explicitly delineating
what's protected.

There are some legitimate { }-less users already, it should not pose
difficulty to patch them. I can do the churn, provided someone fixes the
problem.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ