| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 9 Sep 2020 05:10:06 +0530
From: Anant Thazhemadam <anant.thazhemadam@...il.com>
To: unlisted-recipients:; (no To-header on input)
Cc: linux-kernel-mentees@...ts.linuxfoundation.org,
syzbot+c613e88b3093ebf3686e@...kaller.appspotmail.com,
syzbot+d0f27d9af17914bf253b@...kaller.appspotmail.com,
syzbot+3025b9294f8cb0ede850@...kaller.appspotmail.com,
syzbot+0f84f6eed90503da72fc@...kaller.appspotmail.com,
"David S. Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>,
Manivannan Sadhasivam <manivannan.sadhasivam@...aro.org>,
Bjorn Andersson <bjorn.andersson@...aro.org>,
Masahiro Yamada <masahiroy@...nel.org>, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] net: qrtr: Reintroduce ARCH_QCOM as a dependency for QRTR
On 09/09/20 5:03 am, Anant Thazhemadam wrote:
> Removing ARCH_QCOM, as a dependency for QRTR begins to give rise to
> issues with respect to maintaining reference count integrity and
> suspicious rcu usage.
>
> The bugs resolved by making QRTR dependent on ARCH_QCOM include:
>
> * WARNING: refcount bug in qrtr_node_lookup
> Reported-by: syzbot+c613e88b3093ebf3686e@...kaller.appspotmail.com
> * WARNING: refcount bug in qrtr_recvmsg
> Reported-by: syzbot+d0f27d9af17914bf253b@...kaller.appspotmail.com
> * WARNING: suspicious RCU usage in ctrl_cmd_new_lookup
> Reported-by: syzbot+3025b9294f8cb0ede850@...kaller.appspotmail.com
> * WARNING: suspicious RCU usage in qrtr_ns_worker
> Reported-by: syzbot+0f84f6eed90503da72fc@...kaller.appspotmail.com
>
> Signed-off-by: Anant Thazhemadam <anant.thazhemadam@...il.com>
> ---
> As I understand it, QRTR was initially dependent upon ARCH_QCOM, but was
> removed since not all modems using IPC Router protocol required the
> support provided for Qualcomm platforms.
> However, wouldn't ARCH_QCOM be required by the modems that require the
> support provided for Qualcomm platforms?
> The configuration ARCH_QCOM isn't exactly the easiest to find, especially,
> for those who don't know what they're looking for (syzbot included, I
> guess).
> I don't feel like the tradeoff of not depending on ARCH_QCOM over giving
> rise to potential bugs is worth it.
> Is NOT having QRTR depend on ARCH_QCOM so critical that it supersedes the
> priority of not giving rise to potential bugs?
>
> net/qrtr/Kconfig | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/net/qrtr/Kconfig b/net/qrtr/Kconfig
> index b4020b84760f..8156d0f3656b 100644
> --- a/net/qrtr/Kconfig
> +++ b/net/qrtr/Kconfig
> @@ -4,6 +4,7 @@
>
> config QRTR
> tristate "Qualcomm IPC Router support"
> + depends on ARCH_QCOM
> help
> Say Y if you intend to use Qualcomm IPC router protocol. The
> protocol is used to communicate with services provided by other
I believe I've been mistaken. I realize, requiring ARCH_QCOM wouldn't
extend functionality, but would limit it to ONLY Qualcomm platforms.
That makes sense, and would also explain the false positive results
obtained when tried to test with syzbot, since syzbot wouldn't be
able to build in the first place.
Sorry for the trouble, you may ignore this patch.
thanks,
Anant
Powered by blists - more mailing lists