lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <34c98e3ca24e4c88b9ba61c6f637671b@huawei.com>
Date: Tue, 13 Jan 2026 01:52:34 +0000
From: duchangbin <changbin.du@...wei.com>
To: Jonathan Corbet <corbet@....net>
CC: duchangbin <changbin.du@...wei.com>, Mauro Carvalho Chehab
	<mchehab@...nel.org>, "linux-doc@...r.kernel.org"
	<linux-doc@...r.kernel.org>, "linux-kernel@...r.kernel.org"
	<linux-kernel@...r.kernel.org>, Mauro Carvalho Chehab
	<mchehab+huawei@...nel.org>
Subject: Re: [PATCH v4] tools: jobserver: Prevent deadlock caused by incorrect
 jobserver configuration and enhance error reporting

On Mon, Jan 12, 2026 at 09:08:58AM -0700, Jonathan Corbet wrote:
> Changbin Du <changbin.du@...wei.com> writes:
> 
> > When using GNU Make's jobserver feature in kernel builds, a bug in MAKEFLAGS
> > propagation caused "--jobserver-auth=r,w" to reference an unintended file
> > descriptor. This led to infinite loops in jobserver-exec's os.read() calls
> > due to empty token.
> >
> > My shell opened /etc/passwd for some reason without closing it, and as a
> > result, all child processes inherited this fd 3.
> >
> > $ ls -l /proc/self/fd
> > total 0
> > lrwx------ 1 changbin changbin 64 Dec 25 13:03 0 -> /dev/pts/1
> > lrwx------ 1 changbin changbin 64 Dec 25 13:03 1 -> /dev/pts/1
> > lrwx------ 1 changbin changbin 64 Dec 25 13:03 2 -> /dev/pts/1
> > lr-x------ 1 changbin changbin 64 Dec 25 13:03 3 -> /etc/passwd
> > lr-x------ 1 changbin changbin 64 Dec 25 13:03 4 -> /proc/1421383/fd
> >
> > In this case, the `make` should open a new file descriptor for jobserver
> > control, but clearly, it did not do so and instead still passed fd 3 as
> > "--jobserver-auth=3,4" in MAKEFLAGS. (The version of my gnu make is 4.3)
> >
> > This update ensures robustness against invalid jobserver configurations,
> > even when `make` incorrectly pass non-pipe file descriptors.
> >  * Rejecting empty reads to prevent infinite loops on EOF.
> >  * Clearing `self.jobs` to avoid writing to incorrect files if invalid tokens
> >    are detected.
> >  * Printing detailed error messages to stderr to inform the user.
> >
> > Cc: Mauro Carvalho Chehab <mchehab+huawei@...nel.org>
> > Reviewed-by: Mauro Carvalho Chehab <mchehab+huawei@...nel.org>
> > Signed-off-by: Changbin Du <changbin.du@...wei.com>
> 
> So I've applied this; it appears to work, though I can't really test the
> error case that it is intended to fix.
> 

Here's my local test result in case you need it.

$ make ARCH=riscv LLVM=1 LLVM_IAS=1 -j$(nproc) Image
  ...
  AR      drivers/built-in.a
  AR      built-in.a
  AR      vmlinux.a
  GEN     .tmp_initcalls.lds
jobserver: warning: ValueError("unexpected empty token from jobserver fd, invalid '--jobserver-auth=' setting?")
  LD      vmlinux.o

-- 
Cheers,
Changbin Du

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ