lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 12 Aug 2022 12:40:23 -0700
From:   Jakub Kicinski <>
To:     Jakub Sitnicki <>
        van fantasy <>
Subject: Re: [PATCH net] l2tp: Serialize access to sk_user_data with sock

On Fri, 12 Aug 2022 11:54:43 +0200 Jakub Sitnicki wrote:
> On Thu, Aug 11, 2022 at 10:23 AM -07, Jakub Kicinski wrote:
> > On Wed, 10 Aug 2022 12:28:48 +0200 Jakub Sitnicki wrote:  
> >> Fixes: fd558d186df2 ("l2tp: Split pppol2tp patch into separate l2tp and ppp parts")  
> >
> > That tag immediately sets off red flags. Please find the commit where
> > to code originates, not where it was last moved.  
> The code move happened in v2.6.35. There's no point in digging further, IMHO.

We can discuss a new "fixes-all-stable-trees" tag but until then let's
just stick to the existing rules.

As luck would have it in this case I think the tag is actually correct,
AFAICT the socket _was_ locked before the code move / refactoring?

> >> Reported-by: van fantasy <>
> >> Tested-by: van fantasy <>  
> >
> > Can we get real names? Otherwise let's just drop those tags.
> > I know that the legal name requirement is only for S-o-b tags,
> > technically, but it feels silly.  
> I don't make the rules. There is already a precendent in the git log:

Ack, I'm aware, that's why I complained. If it's a single case meh, but
Haowei Yan seems to be quite prolific in finding bugs so switching to 
the real name is preferable.


Powered by blists - more mailing lists