Message-ID: <551294E6.5020609@ahsoftware.de>
Date: Wed, 25 Mar 2015 11:58:46 +0100
From: Alexander Holler
To: Greg Kroah-Hartman
CC: linux-kernel@vger.kernel.org, stable@vger.kernel.org, Al Viro
Subject: Re: [PATCH 3.19 091/123] gadgetfs: use-after-free in ->aio_read()
References: <20150324154423.655554012@linuxfoundation.org> <20150324154428.117696639@linuxfoundation.org> <55119F29.5030308@ahsoftware.de> <20150324175850.GA7215@kroah.com> <5511A7C0.2000807@ahsoftware.de> <20150325083353.GC28204@kroah.com> <55127E8F.6010007@ahsoftware.de> <20150325101507.GA20259@kroah.com>
In-Reply-To: <20150325101507.GA20259@kroah.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On 25.03.2015 at 11:15, Greg Kroah-Hartman wrote:
> On Wed, Mar 25, 2015 at 10:23:27AM +0100, Alexander Holler wrote:
>> On 25.03.2015 at 09:33, Greg Kroah-Hartman wrote:
>>> Is there a specific patch that is in Linus's tree that fixes this issue
>>> that I should be applying to the stable tree?
>>
>> No specific one. The changes of this patch were discarded by other patches
>> in Linus's tree which fixed other problems of gadgetfs too.
>>
>> Besides that the solution for this one specific patch is a one-liner, I'll
>> give a short overview:
>>
>> - gadgetfs is already unusable since 3.16 (even with this patch) because
>> (p)read/(p)write doesn't work (fixed with 4.0)
>> - the problem this patch fixes is unlikely to be hit because glibc doesn't
>> use the Linux aio-syscall, but pread/pwrite, which means someone has to use
>> a special lib and not aio(7) to end up at the syscall the patch in question
>> fixes.
>> - there aren't that many users of gadgetfs
>>
>> No idea if you want to apply or backport the whole series found in Al Viro's
>> vfs.git/gadgetfs.
>
> As this has been broken since 3.16, and no one has taken the time to fix
> it since then, it's not really an issue here, people can just use 4.0 if
> they want it.

Just a hint which I think should be kept in mind: Debian still uses
something below 3.16, which very likely is the reason why nobody has hit
(and examined) these bugs before.

Regards,

Alexander Holler