From mboxrd@z Thu Jan 1 00:00:00 1970 From: Richard Guy Briggs Subject: Re: Report Double Fetch Bug Found in Linux-4.6.1/kernel/auditsc.c Date: Tue, 21 Jun 2016 16:47:57 -0400 Message-ID: <20160621204757.GC29695@madcap2.tricolour.ca> References: <20160621191847.GB29695@madcap2.tricolour.ca> <1466539177.27155.204.camel@decadent.org.uk> Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Return-path: Content-Disposition: inline In-Reply-To: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: linux-audit-bounces@redhat.com Errors-To: linux-audit-bounces@redhat.com To: Andy Lutomirski Cc: "security@kernel.org" , Pengfei Wang , "Krinke, Jens" , Oleg Nesterov , linux-audit@redhat.com, Ben Hutchings List-Id: linux-audit@redhat.com T24gMjAxNi0wNi0yMSAxMzozMSwgQW5keSBMdXRvbWlyc2tpIHdyb3RlOgo+IE9uIFR1ZSwgSnVu IDIxLCAyMDE2IGF0IDEyOjU5IFBNLCBCZW4gSHV0Y2hpbmdzIDxiZW5AZGVjYWRlbnQub3JnLnVr PiB3cm90ZToKPiA+IE9uIFR1ZSwgMjAxNi0wNi0yMSBhdCAxNToxOCAtMDQwMCwgUmljaGFyZCBH dXkgQnJpZ2dzIHdyb3RlOgo+ID4+IE9uIDIwMTYtMDYtMjEgMTk6MjAsIEJlbiBIdXRjaGluZ3Mg d3JvdGU6Cj4gPj4gPiBPbiBUdWUsIDIwMTYtMDYtMjEgYXQgMTQ6MTQgLTA0MDAsIFJpY2hhcmQg R3V5IEJyaWdncyB3cm90ZToKPiA+PiA+ID4gT24gMjAxNi0wNi0yMSAxMDo1MSwgQmVuIEh1dGNo aW5ncyB3cm90ZToKPiA+PiA+ID4gPiBPbiBUdWUsIDIwMTYtMDYtMjEgYXQgMTA6MzcgKzAxMDAs IFBlbmdmZWkgV2FuZyB3cm90ZToKPiA+PiA+ID4gPiA+ID4KPiA+PiA+ID4gPiA+ID4g5ZyoIDIw MTblubQ25pyIMjDml6XvvIzkuIvljYg4OjE477yMT2xlZyBOZXN0ZXJvdiA8b2xlZ0ByZWRoYXQu Y29tPiDlhpnpgZPvvJoKPiA+PiA+ID4gPiA+ID4KPiA+PiA+ID4gPiA+ID4gTm90IHRoYXQgSSB1 bmRlcnN0YW5kIHRoaXMgcmVwb3J0LCBidXQKPiA+PiA+ID4gPiA+ID4KPiA+PiA+ID4gPiA+ID4g T24gMDYvMjAsIFJpY2hhcmQgR3V5IEJyaWdncyB3cm90ZToKPiA+PiA+ID4gPiA+ID4gPgo+ID4+ ID4gPiA+ID4gPiA+IFRoaXMgZnVuY3Rpb24gaXMgb25seSBldmVyIGNhbGxlZCBieSBfX2F1ZGl0 X2ZyZWUoKSwgd2hpY2ggaXMgb25seSBldmVyCj4gPj4gPiA+ID4gPiA+ID4gY2FsbGVkIG9uIGZh aWx1cmUgb2YgdGFzayBjcmVhdGlvbiBvciBvbiBleGl0IG9mIHRoZSB0YXNrLCBzbyBpbiBuZWl0 aGVyCj4gPj4gPiA+ID4gPiA+ID4gY2FzZSBjYW4gYW55dGhpbmcgZWxzZSBjaGFuZ2UgaXQuCj4g Pj4gPiA+ID4gPiA+Cj4gPj4gPiA+ID4gPiA+IEhvdyBzbz8KPiA+PiA+ID4gPiA+ID4KPiA+PiA+ ID4gPiA+ID4gQW5vdGhlciB0aHJlYWQgb3IgQ0xPTkVfVk0gdGFzayBvciAvcHJvYy9waWQvbWVt IGNhbiBjaGFuZ2UgdGhlIHVzZXItc3BhY2UKPiA+PiA+ID4gPiA+ID4gbWVtb3J5IGluIHBhcmFs bGVsLgo+ID4+ID4gPiA+ID4gPgo+ID4+ID4gPiA+ID4gPiBPbGVnLgo+ID4+ID4gPiA+ID4KPiA+ PiA+ID4gPiA+Cj4gPj4gPiA+ID4gPiBFeGFjdGx5LCBieSBzYXlpbmcg4oCcY2hhbmdlIHRoZSBk YXRh4oCdLCBJIG1lYW4gdGhlIG1vZGlmaWNhdGlvbiBmcm9tCj4gPj4gPiA+ID4gPiBtYWxpY2lv dXMgdXNlcnMgd2l0aCBjcmFmdGVkIG9wZXJhdGlvbnMgb24gdGhlIHVzZXIgc3BhY2UgbWVtb3J5 Cj4gPj4gPiA+ID4gPiBkaXJlY3RseSwgcmF0aGVyIHRoYW4gdGhlIG5vcm1hbCBvcGVyYXRpb25z IHdpdGhpbiB0aGUgYXVkaXQKPiA+PiA+ID4gPiA+IHN1YnN5c3RlbSBpbiBMaW51eC4gTW9yZW92 ZXIsIHNpbmNlIHRoZSBjb3B5IG9wZXJhdGlvbnMgZnJvbSB0aGUgdXNlcgo+ID4+ID4gPiA+ID4g c3BhY2UgYXJlIG5vdCBwcm90ZWN0ZWQgYnkgYW55IGxvY2tzIG9yIHN5bmNocm9uaXphdGlvbiBw cmltaXRpdmVzLAo+ID4+ID4gPiA+ID4gY2hhbmdpbmcgdGhlIGRhdGEgdW5kZXIgcmFjZSBjb25k aXRpb24gaXMgZmVhc2libGUgSSB0aGluay4gQmVzaWRlcywKPiA+PiA+ID4gPiA+IHRoZXJlIGlz buKAmXQgYW55IHZpc2libGUgY2hlY2tpbmcgc3RlcCBpbiB0aGUgY29kZSB0byBndWFyYW50ZWUg dGhlCj4gPj4gPiA+ID4gPiBjb25zaXN0ZW5jeSBiZXR3ZWVuIHRoZSB0d28gY29weSBvcGVyYXRp b25zLgo+ID4+ID4gPiA+ID4KPiA+PiA+ID4gPiA+IEhlcmUgSSB3b3VsZCBsaWtlIHRvIGZpZ3Vy ZSBvdXQgd2hhdCB0aGUgY29uc2VxdWVuY2VzIHJlYWxseSBhcmUgb25jZQo+ID4+ID4gPiA+ID4g dGhlIGRhdGEgaXMgY2hhbmdlZCBiZXR3ZWVuIHRoZSB0d28gY29weSBvcGVyYXRpb25zLCBzdWNo IGFzIGNoYW5naW5nCj4gPj4gPiA+ID4gPiBhIG5vbmUtY29udHJvbCBzdHJpbmcgdG8gYSBjb250 cm9sIHN0cmluZyBidXQgcHJvY2VzcyBpdCBhcyBhIG5vbmUtCj4gPj4gPiA+ID4gPiBjb250cm9s IHN0cmluZyB0aGF0IGhhcyBubyBjb250cm9sIGNoYXJzLiBJIHRoaW5rIHByb2JsZW1zIHdpbGwK PiA+PiA+ID4gPiA+IGhhcHBlbi4KPiA+PiA+ID4gPgo+ID4+ID4gPiA+IFNvIGZhciBhcyB1c2Vy bGFuZCBjYW4gc2VlLCBrZXJuZWwgbG9nIGxpbmVzIGFyZSBzZXBhcmF0ZWQgYnkgbmV3bGluZXMu Cj4gPj4gPiA+Cj4gPj4gPiA+IE5ld2xpbmVzIGFyZSBjb250cm9sIGNoYXJhY3RlcnMgdGhhdCB3 b3VsZCBiZSBjYXVnaHQgYnkgdGhhdCBmaWx0ZXIuCj4gPj4gPiA+IFRoYXQgZmlsdGVyIGNhdGNo ZXMgJyInLCA8IDB4MjEsID4gMHg3ZS4KPiA+PiA+ID4KPiA+PiA+ID4gPiBJZiB3ZSBmYWlsIHRv IGVzY2FwZSBhIG5ld2xpbmUsIHRoYXQgbWFrZXMgaXQgcG9zc2libGUgdG8gaW5qZWN0Cj4gPj4g PiA+ID4gYXJiaXRyYXJ5IGxvZyBsaW5lcyBpbnRvIHRoZSBrZXJuZWwgbG9nLCB3aGljaCBtYXkg YmUgbWlzbGVhZGluZyB0byB0aGUKPiA+PiA+ID4gPiBhZG1pbmlzdHJhdG9yIG9yIHRvIHNvZnR3 YXJlIHBhcnNpbmcgdGhlIGxvZy4KPiA+PiA+ID4KPiA+PiA+ID4gU28sIHRoaXMgaXMgYWRkcmVz c2VkLCBidXQgSSdtIHN0aWxsIHRyeWluZyB0byBhc3Nlc3MgdGhlIGRhbmdlciBvZiB0aGlzCj4g Pj4gPiA+IHJlcGVhdGVkIGNhbGwgdG8gY29weV9mcm9tX3VzZXIoKS4KPiA+PiA+Cj4gPj4gPiBU aGUgcHJvYmxlbSBpcyB0aGF0IG5ld2xpbmVzIGNhbiBiZSBhZGRlZCB0byB0aGUgc3RyaW5ncyBi eSBhbm90aGVyCj4gPj4gPiB0YXNrIGJldHdlZW4gdGhlIGZpcnN0IHBhc3MgdGhhdCBjaGVja3Mg Zm9yIGNvbnRyb2wgY2hhcmFjdGVycyBhbmQgdGhlCj4gPj4gPiBzZWNvbmQgcGFzcyB0aGF0IGNv cGllcyB0aGVtIHRvIHRoZSBsb2cuCj4gPj4KPiA+PiBVbmRlcnN0b29kLCBzbyB0aGlzIGlzIHRo ZSBzYW1lIHNvcnQgb2YgcHJvYmxlbSBhcyBQZW5nZmVpIGhhcyByYWlzZWQKPiA+PiB3aXRoIHJl c3BlY3QgdG8gZG91YmxlIHF1b3RlcyBiZWluZyBhZGRlZC4KPiA+Pgo+ID4+IEhvdyBjYW4gc3Vi c2VxdWVudCBhY2Nlc3NlcyBvZiBjb3B5X2Zyb21fdXNlcigpIGJlIGxvY2tlZCwgb3IgbWFrZSBz dXJlCj4gPj4gdGhlIGVudGlyZSBidWZmZXIgaXMgY29waWVkIGluIG9uZSBnbz8KPiA+Cj4gPiBJ IGRvbid0IGJlbGlldmUgaXQgY2FuLiAgQW5kIHRoZSBmYWN0IHRoYXQgdGhvc2Ugc3RyaW5ncyBj YW4gYmUKPiA+IG1vZGlmaWVkIGJlZm9yZSB0aGV5J3JlIGxvZ2dlZCBraW5kIG9mIGRlZmVhdHMg dGhlIHB1cnBvc2Ugb2YgYXVkaXRpbmcsCj4gPiBubz8gIFNlZW1zIGxpa2UgaXQgd291bGQgbWFr ZSBtb3JlIHNlbnNlIHRvIGNvcHkgdGhlIHByb2dyYW0gbmFtZSBmcm9tCj4gPiB0aGUgYmlucHJt LCBsb2cgdGhhdCBhdCB0aGlzIHBvaW50IGFuZCBkb24ndCBldmVuIGF0dGVtcHQgdG8gbG9nIHRo ZQo+ID4gYXJndW1lbnRzLgo+IAo+IEFncmVlZC4KCkknbSBzdGFydGluZyB0byBjb21lIGFyb3Vu ZCB0byB0aGF0IHNhbWUgY29uY2x1c2lvbi4gIEFueSBkcml2ZXJzIEkndmUKc2VlbiB0aGF0IGF0 dGVtcHQgdGhpcyBhcmUgZWl0aGVyIGxvY2tpbmcgYSBrZXJuZWwgc3RydWN1dHJlLCB3aGljaCBp cwp3aXRoaW4gaXRzIGNvbnRyb2wgKHByZWNsdWRpbmcgYW55IHVucmV2aWV3ZWQgIHBhdGNoZXMg b3IgbW9kdWxlcyksIG9yCmFyZSBsb2NraW5nIGEgdXNlcnNwYWNlIGVudGl0eSB0aGF0IGlzIHdp bGxmdWxseSBjby1vcGVyYXRpbmcsIG5laXRoZXIKb2Ygd2hpY2ggaXMgdGhpcyBjYXNlIHRoYXQg Y29uY2VybnMgdXMgaGVyZS4KCj4gWW91IGRlZmluaW50ZWx5IGNhbid0IGxvY2sgdGhlIHN0cmlu Zy4gIEFuIGF0dGFja2VyIGNvdWxkIHB1dCB0aGUKPiBzdHJpbmcgaW4gTUFQX1NIQVJFRCBtZW1v cnksIGZvciBleGFtcGxlLgoKVW5kZXJzdG9vZC4gIFNvIHRoZSBiZXN0IGVmZm9ydCB3ZSBjYW4g ZG8gYXQgdGhpcyBwb2ludCBpcyB0byBjb3B5IHRoZQpzdHJpbmcgYWxsIGF0IG9uY2UsIG5vdCBp dGVyYXRpbmcsIGFuZCBkb24ndCByZXBhc3MgdGhlIHN0cmluZyBhIHNlY29uZAp0aW1lIHRvIGRv IHRoZSBhY3R1YWwgd29yayBidXQgdXNlIHRoZSBmaXJzdCBjb3B5LgoKVGhhbmtzIGZvciB0aGUg c2FuaXR5IGNoZWNrIEFuZHkgYW5kIEJlbi4KCj4gLS1BbmR5CgotIFJHQgoKLS0KUmljaGFyZCBH dXkgQnJpZ2dzIDxyZ2JAcmVkaGF0LmNvbT4KS2VybmVsIFNlY3VyaXR5IEVuZ2luZWVyaW5nLCBC YXNlIE9wZXJhdGluZyBTeXN0ZW1zLCBSZWQgSGF0ClJlbW90ZSwgT3R0YXdhLCBDYW5hZGEKVm9p Y2U6ICsxLjY0Ny43NzcuMjYzNSwgSW50ZXJuYWw6ICg4MSkgMzI2MzUKCi0tCkxpbnV4LWF1ZGl0 IG1haWxpbmcgbGlzdApMaW51eC1hdWRpdEByZWRoYXQuY29tCmh0dHBzOi8vd3d3LnJlZGhhdC5j b20vbWFpbG1hbi9saXN0aW5mby9saW51eC1hdWRpdA==