From: Joe Perches
Subject: Re: use-after-free in sctp_do_sm
Date: Thu, 03 Dec 2015 12:24:06 -0800
Message-ID: <1449174246.12092.8.camel@perches.com>
References: <20151203130525.GB4164@mrl.redhat.com> <566098BD.6010803@akamai.com> <1449172984.12092.0.camel@perches.com> <5660A1A7.3080301@akamai.com>
In-Reply-To: <5660A1A7.3080301@akamai.com>
To: Jason Baron, Aaron Conole, Dmitry Vyukov
Cc: Eric Dumazet, syzkaller, Vladislav Yasevich, linux-sctp@vger.kernel.org, netdev, Kostya Serebryany, Alexander Potapenko, Sasha Levin

On Thu, 2015-12-03 at 15:10 -0500, Jason Baron wrote:
> On 12/03/2015 03:03 PM, Joe Perches wrote:
> > On Thu, 2015-12-03 at 14:32 -0500, Jason Baron wrote:
> > > On 12/03/2015 01:52 PM, Aaron Conole wrote:
> > > > I think that as a minimum, the following patch should be evaluated,
> > > > but am unsure to whom I should submit it (after I test):
> > []
> > > Agreed - the intention here is certainly to have no side effects. It
> > > looks like 'no_printk()' is used in quite a few other places that would
> > > benefit from this change. So we probably want a generic
> > > 'really_no_printk()' macro.
> >
> > https://lkml.org/lkml/2012/6/17/231
>
> I don't see this in the tree.

It never got applied.

> Also maybe we should just convert
> no_printk() to do what your 'eliminated_printk()'.

Some of them at least.

> So we can convert all users with this change?

I don't think so, I think there are some
function evaluation/side effects that are
required. I believe some do hardware I/O.

It'd be good to at least isolate them.

I'm not sure how to find them via some
automated tool/mechanism though.

I asked Julia Lawall about it once in this
thread: https://lkml.org/lkml/2014/12/3/696
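
The distinction discussed in this message, as an added example that is not code from the thread or from the kernel tree: a disabled logging stub that still evaluates its arguments, next to a macro that compiles them out. `stub_log`, `elided_log`, `struct assoc` and its `freed` flag are hypothetical names; the flag only simulates an object that has already been released.

```c
#include <stdio.h>
/* Constructed stand-in for an object whose lifetime has ended. */
struct assoc { int state; int freed; };
static int late_reads;  /* reads of an assoc after it was released */

/* Accessor used as a log argument; counts reads after release. */
static int assoc_state(const struct assoc *a)
{
	if (a->freed)
		late_reads++;
	return a->state;
}

/* Variant 1 (hypothetical name): a variadic function stub. The format is
 * still type-checked, but every argument is evaluated before the call. */
__attribute__((format(printf, 1, 2)))
static int stub_log(const char *fmt, ...)
{
	(void)fmt;
	return 0;
}

/* Variant 2 (hypothetical name): dead-branch macro. The compiler still
 * type-checks the arguments, but they are never evaluated at run time. */
#define elided_log(fmt, ...) \
	do { if (0) printf(fmt, ##__VA_ARGS__); } while (0)

/* Each helper returns the late reads caused by a "disabled" log call. */
static int late_reads_with_stub(void)
{
	struct assoc a = { .state = 3, .freed = 1 };
	late_reads = 0;
	stub_log("state %d\n", assoc_state(&a));
	return late_reads;
}

static int late_reads_with_elided(void)
{
	struct assoc a = { .state = 3, .freed = 1 };
	late_reads = 0;
	elided_log("state %d\n", assoc_state(&a));
	return late_reads;
}

int main(void)
{
	printf("stub: %d, elided: %d\n", late_reads_with_stub(), late_reads_with_elided());
	return 0;
}
```

The second variant is only a safe replacement where no caller depends on its arguments being evaluated, which is the case the message says needs isolating first.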