lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <b2d99a52-2603-4027-9a24-efe13656d019@rbox.co>
Date: Thu, 16 May 2024 17:55:45 +0200
From: Michal Luczaj <mhal@...x.co>
To: Kuniyuki Iwashima <kuniyu@...zon.com>
Cc: davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org,
 netdev@...r.kernel.org, pabeni@...hat.com
Subject: Re: [PATCH net] af_unix: Fix garbage collection of embryos carrying
 OOB with SCM_RIGHTS

On 5/16/24 14:31, Kuniyuki Iwashima wrote:
> From: Michal Luczaj <mhal@...x.co>
> Date: Thu, 16 May 2024 12:20:48 +0200
>> ...
>> @@ -583,6 +588,8 @@ static void __unix_gc(struct work_struct *work)
>>  	skb_queue_walk(&hitlist, skb) {
>>  		if (UNIXCB(skb).fp)
>>  			UNIXCB(skb).fp->dead = true;
>> +
>> +		WARN_ON_ONCE(refcount_read(&skb->users) != 1);
> 
> Given we will refactor OOB with no additional refcount, this will not
> make sense.  Rather, I'd add a test case in a selftest to catch the
> future regression.

Sure, I get it.

> And I noticed that I actually tried to catch this in
> 
>   tools/testing/selftests/net/af_unix/scm_rights.c
> 
> , and what is missing is... :S
> ...
> Could you remove the WARN_ON_ONCE() and repost with my patch
> above ?

Done: https://lore.kernel.org/all/20240516145457.1206847-1-mhal@rbox.co/

thanks,
Michal

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ