lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <2025071835-enjoying-darn-f5d8@gregkh>
Date: Fri, 18 Jul 2025 12:27:14 +0200
From: Greg KH <gregkh@...uxfoundation.org>
To: Nam Cao <namcao@...utronix.de>
Cc: Steven Rostedt <rostedt@...dmis.org>,
	Masami Hiramatsu <mhiramat@...nel.org>,
	Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
	Gabriele Monaco <gmonaco@...hat.com>,
	linux-trace-kernel@...r.kernel.org, linux-kernel@...r.kernel.org,
	stable@...r.kernel.org
Subject: Re: [PATCH] rv: Ensure containers are registered first

On Fri, Jul 18, 2025 at 11:18:50AM +0200, Nam Cao wrote:
> If rv_register_monitor() is called with a non-NULL parent pointer (i.e. by
> monitors inside a container), it is expected that the parent (a.k.a
> container) is already registered.
> 
> The containers seem to always be registered first. I suspect because of the
> order in Makefile. But nothing guarantees this.

Yes, linking order matters, and it does guarantee this.  We rely on
linking order in the kernel in many places.

> If this registering order is changed, "strange" things happen. For example,
> if the container is registered last, rv_is_container_monitor() incorrectly
> says this is NOT a container. .enable() is then called, which is NULL for
> container, thus we have a NULL pointer deref crash.
> 
> Guarantee that containers are registered first.
> 
> Fixes: cb85c660fcd4 ("rv: Add option for nested monitors and include sched")
> Signed-off-by: Nam Cao <namcao@...utronix.de>
> Cc: stable@...r.kernel.org
> ---
>  include/linux/rv.h                                        | 5 +++++
>  kernel/trace/rv/monitors/pagefault/pagefault.c            | 4 ++--
>  kernel/trace/rv/monitors/rtapp/rtapp.c                    | 4 ++--
>  kernel/trace/rv/monitors/sched/sched.c                    | 4 ++--
>  kernel/trace/rv/monitors/sco/sco.c                        | 4 ++--
>  kernel/trace/rv/monitors/scpd/scpd.c                      | 4 ++--
>  kernel/trace/rv/monitors/sleep/sleep.c                    | 4 ++--
>  kernel/trace/rv/monitors/sncid/sncid.c                    | 4 ++--
>  kernel/trace/rv/monitors/snep/snep.c                      | 4 ++--
>  kernel/trace/rv/monitors/snroc/snroc.c                    | 4 ++--
>  kernel/trace/rv/monitors/tss/tss.c                        | 4 ++--
>  kernel/trace/rv/monitors/wip/wip.c                        | 4 ++--
>  kernel/trace/rv/monitors/wwnr/wwnr.c                      | 4 ++--
>  tools/verification/rvgen/rvgen/templates/container/main.c | 4 ++--
>  tools/verification/rvgen/rvgen/templates/dot2k/main.c     | 4 ++--
>  tools/verification/rvgen/rvgen/templates/ltl2k/main.c     | 4 ++--
>  16 files changed, 35 insertions(+), 30 deletions(-)

As there is no bug now, why is this a cc: stable patch?

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ