lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <175708415877.334139.11409801733118104229.b4-ty@bootlin.com>
Date: Fri, 05 Sep 2025 16:55:58 +0200
From: Miquel Raynal <miquel.raynal@...tlin.com>
To: Richard Weinberger <richard@....at>, 
 Vignesh Raghavendra <vigneshr@...com>, Gabor Juhos <j4g8y7@...il.com>
Cc: linux-mtd@...ts.infradead.org, linux-kernel@...r.kernel.org, 
 stable@...r.kernel.org, Daniel Golle <daniel@...rotopia.org>
Subject: Re: [PATCH v2] mtd: core: always verify OOB offset in
 mtd_check_oob_ops()

On Mon, 01 Sep 2025 16:24:35 +0200, Gabor Juhos wrote:
> Using an OOB offset past end of the available OOB data is invalid,
> irregardless of whether the 'ooblen' is set in the ops or not. Move
> the relevant check out from the if statement to always verify that.
> 
> The 'oobtest' module executes four tests to verify how reading/writing
> OOB data past end of the devices is handled. It expects errors in case
> of these tests, but this expectation fails in the last two tests on
> MTD devices, which have no OOB bytes available.
> 
> [...]

Applied to mtd/next, thanks!

[1/1] mtd: core: always verify OOB offset in mtd_check_oob_ops()
      commit: bf7d0543b2602be5cb450d8ec5a8710787806f88

Patche(s) should be available on mtd/linux.git and will be
part of the next PR (provided that no robot complains by then).

Kind regards,
Miquèl

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ