* [PATCH 0/3] selinux: Fix and clean policydb->cond_list error paths
@ 2022-01-28 20:28 vbendel
2022-01-28 20:28 ` [PATCH 1/3] selinux: consistently clear cond_list on " vbendel
` (3 more replies)
0 siblings, 4 replies; 9+ messages in thread
From: vbendel @ 2022-01-28 20:28 UTC (permalink / raw)
To: paul, stephen.smalley.work, eparis
Cc: omosnace, selinux, linux-kernel, Vratislav Bendel
There are two users of policydb->cond_list: cond_read_list()
and duplicate_policydb_cond_list(). If any of them gets an error,
usually an -ENOMEM, the error-path-cleanup *_destroy() functions
get called twice: firstly from these two and secondly from
the caller functions' error paths.
In case such -ENOMEM happens while assigning cond_node data, i.e.
while ->cond_list_len is already non-zero, it leads to inappropriate
dereferencing of policydb->cond_list[] data in the second called
cond_list_destroy() from the caller functions' error paths, resulting
with:
- NULL pointer deref from cond_read_list();
- use-after-free + double-free from duplicate_policydb_cond_list().
(the cond_read_list() manages to set ->cond_list to NULL)
Patch 1/3 simply makes the error behavior consistent by always setting
->cond_list to NULL.
Patch 2/3 fixes the actual bug by resetting ->cond_list_len to 0,
so any subsequent cond_list_destroy() calls would become noop.
Patch 3/3 cleans up the duplicate *_destroy calls on these error paths,
albeit it's a bit questionable and I'm looking for feedback on it:
- on one hand the idea is that the caller functions call the *_destroy()
bits anyway, hence removing duplicate efforts (which also fixes the bug,
but I'd still prefer to apply patches 1 and 2 regardless);
- on the other hand it's appropriate and more bug-proof for a function
to clean everything it allocated on error.
Hence I'm looking forward to seeing what approach the upstream would find
more appropriate.
Signed-off-by: Vratislav Bendel <vbendel@redhat.com>
^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH 1/3] selinux: consistently clear cond_list on error paths
2022-01-28 20:28 [PATCH 0/3] selinux: Fix and clean policydb->cond_list error paths vbendel
@ 2022-01-28 20:28 ` vbendel
2022-02-01 17:38 ` Paul Moore
2022-01-28 20:28 ` [PATCH 2/3] selinux: fix double free of " vbendel
` (2 subsequent siblings)
3 siblings, 1 reply; 9+ messages in thread
From: vbendel @ 2022-01-28 20:28 UTC (permalink / raw)
To: paul, stephen.smalley.work, eparis
Cc: omosnace, selinux, linux-kernel, Vratislav Bendel
From: Vratislav Bendel <vbendel@redhat.com>
Currently there are two users of policydb->cond_list: cond_read_list()
and duplicate_policydb_cond_list(). On their error path one clears
->cond_list to NULL, but the other doesn't.
Make the behavior consistent by resetting ->cond_list to NULL in
cond_list_destroy(), which is called by both on the error path.
Signed-off-by: Vratislav Bendel <vbendel@redhat.com>
---
security/selinux/ss/conditional.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c
index 2ec6e5cd25d9..1d0e5f326b62 100644
--- a/security/selinux/ss/conditional.c
+++ b/security/selinux/ss/conditional.c
@@ -152,6 +152,7 @@ static void cond_list_destroy(struct policydb *p)
for (i = 0; i < p->cond_list_len; i++)
cond_node_destroy(&p->cond_list[i]);
kfree(p->cond_list);
+ p->cond_list = NULL;
}
void cond_policydb_destroy(struct policydb *p)
@@ -441,7 +442,6 @@ int cond_read_list(struct policydb *p, void *fp)
return 0;
err:
cond_list_destroy(p);
- p->cond_list = NULL;
return rc;
}
--
2.26.3
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH 2/3] selinux: fix double free of cond_list on error paths
2022-01-28 20:28 [PATCH 0/3] selinux: Fix and clean policydb->cond_list error paths vbendel
2022-01-28 20:28 ` [PATCH 1/3] selinux: consistently clear cond_list on " vbendel
@ 2022-01-28 20:28 ` vbendel
2022-01-28 20:28 ` [PATCH 3/3] selinux: remove duplicate cond_list clean up calls vbendel
2022-01-31 12:06 ` [PATCH 0/3] selinux: Fix and clean policydb->cond_list error paths Ondrej Mosnacek
3 siblings, 0 replies; 9+ messages in thread
From: vbendel @ 2022-01-28 20:28 UTC (permalink / raw)
To: paul, stephen.smalley.work, eparis
Cc: omosnace, selinux, linux-kernel, Vratislav Bendel
From: Vratislav Bendel <vbendel@redhat.com>
On error path from cond_read_list() and duplicate_policydb_cond_list()
the cond_list_destroy() gets called a second time in caller functions,
resulting in NULL pointer deref.
Fix this by resetting the cond_list_len to 0 in cond_list_destroy(),
making subsequent calls a noop.
Signed-off-by: Vratislav Bendel <vbendel@redhat.com>
---
security/selinux/ss/conditional.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c
index 1d0e5f326b62..8bc16ad3af9e 100644
--- a/security/selinux/ss/conditional.c
+++ b/security/selinux/ss/conditional.c
@@ -151,6 +151,8 @@ static void cond_list_destroy(struct policydb *p)
for (i = 0; i < p->cond_list_len; i++)
cond_node_destroy(&p->cond_list[i]);
+ p->cond_list_len = 0;
+
kfree(p->cond_list);
p->cond_list = NULL;
}
--
2.26.3
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH 3/3] selinux: remove duplicate cond_list clean up calls
2022-01-28 20:28 [PATCH 0/3] selinux: Fix and clean policydb->cond_list error paths vbendel
2022-01-28 20:28 ` [PATCH 1/3] selinux: consistently clear cond_list on " vbendel
2022-01-28 20:28 ` [PATCH 2/3] selinux: fix double free of " vbendel
@ 2022-01-28 20:28 ` vbendel
2022-02-01 20:09 ` Paul Moore
2022-01-31 12:06 ` [PATCH 0/3] selinux: Fix and clean policydb->cond_list error paths Ondrej Mosnacek
3 siblings, 1 reply; 9+ messages in thread
From: vbendel @ 2022-01-28 20:28 UTC (permalink / raw)
To: paul, stephen.smalley.work, eparis
Cc: omosnace, selinux, linux-kernel, Vratislav Bendel
From: Vratislav Bendel <vbendel@redhat.com>
On error path from cond_read_list() and duplicate_policydb_cond_list()
the *_destroy() functions get called a second time in caller functions.
Remove the first calls and let the callers clean it.
Suggested-by: Ondrej Mosnacek <omosnace@redhat.com>
Signed-off-by: Vratislav Bendel <vbendel@redhat.com>
---
security/selinux/ss/conditional.c | 20 ++++++--------------
1 file changed, 6 insertions(+), 14 deletions(-)
diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c
index 8bc16ad3af9e..c333daaeceab 100644
--- a/security/selinux/ss/conditional.c
+++ b/security/selinux/ss/conditional.c
@@ -432,19 +432,16 @@ int cond_read_list(struct policydb *p, void *fp)
rc = avtab_alloc(&(p->te_cond_avtab), p->te_avtab.nel);
if (rc)
- goto err;
+ return rc;
p->cond_list_len = len;
for (i = 0; i < len; i++) {
rc = cond_read_node(p, &p->cond_list[i], fp);
if (rc)
- goto err;
+ return rc;
}
return 0;
-err:
- cond_list_destroy(p);
- return rc;
}
int cond_write_bool(void *vkey, void *datum, void *ptr)
@@ -643,7 +640,7 @@ static int duplicate_policydb_cond_list(struct policydb *newp,
sizeof(*newp->cond_list),
GFP_KERNEL);
if (!newp->cond_list)
- goto error;
+ return -ENOMEM;
for (i = 0; i < origp->cond_list_len; i++) {
struct cond_node *newn = &newp->cond_list[i];
@@ -656,27 +653,22 @@ static int duplicate_policydb_cond_list(struct policydb *newp,
orign->expr.len * sizeof(*orign->expr.nodes),
GFP_KERNEL);
if (!newn->expr.nodes)
- goto error;
+ return -ENOMEM;
newn->expr.len = orign->expr.len;
rc = cond_dup_av_list(&newn->true_list, &orign->true_list,
&newp->te_cond_avtab);
if (rc)
- goto error;
+ return rc;
rc = cond_dup_av_list(&newn->false_list, &orign->false_list,
&newp->te_cond_avtab);
if (rc)
- goto error;
+ return rc;
}
return 0;
-
-error:
- avtab_destroy(&newp->te_cond_avtab);
- cond_list_destroy(newp);
- return -ENOMEM;
}
static int cond_bools_destroy(void *key, void *datum, void *args)
--
2.26.3
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH 0/3] selinux: Fix and clean policydb->cond_list error paths
2022-01-28 20:28 [PATCH 0/3] selinux: Fix and clean policydb->cond_list error paths vbendel
` (2 preceding siblings ...)
2022-01-28 20:28 ` [PATCH 3/3] selinux: remove duplicate cond_list clean up calls vbendel
@ 2022-01-31 12:06 ` Ondrej Mosnacek
3 siblings, 0 replies; 9+ messages in thread
From: Ondrej Mosnacek @ 2022-01-31 12:06 UTC (permalink / raw)
To: vbendel
Cc: Paul Moore, Stephen Smalley, Eric Paris, SElinux list,
Linux kernel mailing list
On Fri, Jan 28, 2022 at 9:29 PM <vbendel@redhat.com> wrote:
> There are two users of policydb->cond_list: cond_read_list()
> and duplicate_policydb_cond_list(). If any of them gets an error,
> usually an -ENOMEM, the error-path-cleanup *_destroy() functions
> get called twice: firstly from these two and secondly from
> the caller functions' error paths.
>
> In case such -ENOMEM happens while assigning cond_node data, i.e.
> while ->cond_list_len is already non-zero, it leads to inappropriate
> dereferencing of policydb->cond_list[] data in the second called
> cond_list_destroy() from the caller functions' error paths, resulting
> with:
> - NULL pointer deref from cond_read_list();
> - use-after-free + double-free from duplicate_policydb_cond_list().
> (the cond_read_list() manages to set ->cond_list to NULL)
>
> Patch 1/3 simply makes the error behavior consistent by always setting
> ->cond_list to NULL.
>
> Patch 2/3 fixes the actual bug by resetting ->cond_list_len to 0,
> so any subsequent cond_list_destroy() calls would become noop.
>
> Patch 3/3 cleans up the duplicate *_destroy calls on these error paths,
> albeit it's a bit questionable and I'm looking for feedback on it:
> - on one hand the idea is that the caller functions call the *_destroy()
> bits anyway, hence removing duplicate efforts (which also fixes the bug,
> but I'd still prefer to apply patches 1 and 2 regardless);
> - on the other hand it's appropriate and more bug-proof for a function
> to clean everything it allocated on error.
> Hence I'm looking forward to seeing what approach the upstream would find
> more appropriate.
>
> Signed-off-by: Vratislav Bendel <vbendel@redhat.com>
For the series (with or without the last patch):
Reviewed-by: Ondrej Mosnacek <omosnace@redhat.com>
--
Ondrej Mosnacek
Software Engineer, Linux Security - SELinux kernel
Red Hat, Inc.
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 1/3] selinux: consistently clear cond_list on error paths
2022-01-28 20:28 ` [PATCH 1/3] selinux: consistently clear cond_list on " vbendel
@ 2022-02-01 17:38 ` Paul Moore
2022-02-01 20:09 ` Paul Moore
0 siblings, 1 reply; 9+ messages in thread
From: Paul Moore @ 2022-02-01 17:38 UTC (permalink / raw)
To: vbendel; +Cc: stephen.smalley.work, eparis, omosnace, selinux, linux-kernel
On Fri, Jan 28, 2022 at 3:29 PM <vbendel@redhat.com> wrote:
> From: Vratislav Bendel <vbendel@redhat.com>
>
> Currently there are two users of policydb->cond_list: cond_read_list()
> and duplicate_policydb_cond_list(). On their error path one clears
> ->cond_list to NULL, but the other doesn't.
> Make the behavior consistent by resetting ->cond_list to NULL in
> cond_list_destroy(), which is called by both on the error path.
It's also important to see if there are any callers of
cond_list_destroy() which incorrectly might be making use of
policydb::cond_list after it has been freed; thankfully that does not
appear to be the case in any of the call paths I looked at just now.
As this is more a a style/Right-Thing-To-Do patch and not an immediate
bugfix I'm going to go and merge this into selinux/next.
Thanks Vratislav.
> Signed-off-by: Vratislav Bendel <vbendel@redhat.com>
> ---
> security/selinux/ss/conditional.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c
> index 2ec6e5cd25d9..1d0e5f326b62 100644
> --- a/security/selinux/ss/conditional.c
> +++ b/security/selinux/ss/conditional.c
> @@ -152,6 +152,7 @@ static void cond_list_destroy(struct policydb *p)
> for (i = 0; i < p->cond_list_len; i++)
> cond_node_destroy(&p->cond_list[i]);
> kfree(p->cond_list);
> + p->cond_list = NULL;
> }
>
> void cond_policydb_destroy(struct policydb *p)
> @@ -441,7 +442,6 @@ int cond_read_list(struct policydb *p, void *fp)
> return 0;
> err:
> cond_list_destroy(p);
> - p->cond_list = NULL;
> return rc;
> }
>
> --
> 2.26.3
--
paul-moore.com
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 1/3] selinux: consistently clear cond_list on error paths
2022-02-01 17:38 ` Paul Moore
@ 2022-02-01 20:09 ` Paul Moore
2022-02-02 11:15 ` Vratislav Bendel
0 siblings, 1 reply; 9+ messages in thread
From: Paul Moore @ 2022-02-01 20:09 UTC (permalink / raw)
To: vbendel; +Cc: stephen.smalley.work, eparis, omosnace, selinux, linux-kernel
On Tue, Feb 1, 2022 at 12:38 PM Paul Moore <paul@paul-moore.com> wrote:
> On Fri, Jan 28, 2022 at 3:29 PM <vbendel@redhat.com> wrote:
> > From: Vratislav Bendel <vbendel@redhat.com>
> >
> > Currently there are two users of policydb->cond_list: cond_read_list()
> > and duplicate_policydb_cond_list(). On their error path one clears
> > ->cond_list to NULL, but the other doesn't.
> > Make the behavior consistent by resetting ->cond_list to NULL in
> > cond_list_destroy(), which is called by both on the error path.
>
> It's also important to see if there are any callers of
> cond_list_destroy() which incorrectly might be making use of
> policydb::cond_list after it has been freed; thankfully that does not
> appear to be the case in any of the call paths I looked at just now.
> As this is more a a style/Right-Thing-To-Do patch and not an immediate
> bugfix I'm going to go and merge this into selinux/next.
After looking at patches 2/3 and 3/3, ignore the last sentence above
and see my comments below :)
> Thanks Vratislav.
>
> > Signed-off-by: Vratislav Bendel <vbendel@redhat.com>
> > ---
> > security/selinux/ss/conditional.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c
> > index 2ec6e5cd25d9..1d0e5f326b62 100644
> > --- a/security/selinux/ss/conditional.c
> > +++ b/security/selinux/ss/conditional.c
> > @@ -152,6 +152,7 @@ static void cond_list_destroy(struct policydb *p)
> > for (i = 0; i < p->cond_list_len; i++)
> > cond_node_destroy(&p->cond_list[i]);
> > kfree(p->cond_list);
> > + p->cond_list = NULL;
While patch 1/3 may not be a candidate for selinux/stable-5.17 by
itself, patch 2/3 definitely qualifies. Considering that both patches
are small, easily understood, and the likelihood of a merge conflict
between the two is high, why don't you squash 1/3 and 2/3 together so
we can submit this for selinux/stable-5.17? In addition, put the two
lines which reset cond_list and cond_list_len together in v2, it's
cleaner that way, example below. If you don't have time to do that
let me know and I can squash them together and move the
"p->cond_list_len = 0" line (don't worry, I'll preserve your
name/email as the patch author).
static void cond_list_destroy(...)
{
/* ... */
kfree(p->cond_list);
p->cond_list = NULL;
p->cond_list_len = 0;
}
> > }
> >
> > void cond_policydb_destroy(struct policydb *p)
> > @@ -441,7 +442,6 @@ int cond_read_list(struct policydb *p, void *fp)
> > return 0;
> > err:
> > cond_list_destroy(p);
> > - p->cond_list = NULL;
> > return rc;
> > }
--
paul-moore.com
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 3/3] selinux: remove duplicate cond_list clean up calls
2022-01-28 20:28 ` [PATCH 3/3] selinux: remove duplicate cond_list clean up calls vbendel
@ 2022-02-01 20:09 ` Paul Moore
0 siblings, 0 replies; 9+ messages in thread
From: Paul Moore @ 2022-02-01 20:09 UTC (permalink / raw)
To: vbendel; +Cc: stephen.smalley.work, eparis, omosnace, selinux, linux-kernel
On Fri, Jan 28, 2022 at 3:29 PM <vbendel@redhat.com> wrote:
> From: Vratislav Bendel <vbendel@redhat.com>
>
> On error path from cond_read_list() and duplicate_policydb_cond_list()
> the *_destroy() functions get called a second time in caller functions.
> Remove the first calls and let the callers clean it.
>
> Suggested-by: Ondrej Mosnacek <omosnace@redhat.com>
> Signed-off-by: Vratislav Bendel <vbendel@redhat.com>
> ---
> security/selinux/ss/conditional.c | 20 ++++++--------------
> 1 file changed, 6 insertions(+), 14 deletions(-)
>
> diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c
> index 8bc16ad3af9e..c333daaeceab 100644
> --- a/security/selinux/ss/conditional.c
> +++ b/security/selinux/ss/conditional.c
> @@ -432,19 +432,16 @@ int cond_read_list(struct policydb *p, void *fp)
>
> rc = avtab_alloc(&(p->te_cond_avtab), p->te_avtab.nel);
> if (rc)
> - goto err;
> + return rc;
>
> p->cond_list_len = len;
>
> for (i = 0; i < len; i++) {
> rc = cond_read_node(p, &p->cond_list[i], fp);
> if (rc)
> - goto err;
> + return rc;
> }
> return 0;
> -err:
> - cond_list_destroy(p);
> - return rc;
> }
I tend to prefer functions that cleanup their own allocations on
error. It makes it easier and quicker to reason about a function's
error handling. I recognize in this case it may mean multiple calls
to cond_list_destroy(), but that should be safe (considering the
previous patches in this series), and we are on the error path anyway
so I'm not as worried about a few extra instructions.
--
paul-moore.com
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 1/3] selinux: consistently clear cond_list on error paths
2022-02-01 20:09 ` Paul Moore
@ 2022-02-02 11:15 ` Vratislav Bendel
0 siblings, 0 replies; 9+ messages in thread
From: Vratislav Bendel @ 2022-02-02 11:15 UTC (permalink / raw)
To: Paul Moore
Cc: stephen.smalley.work, eparis, Ondrej Mosnacek, selinux, linux-kernel
On Tue, Feb 1, 2022 at 9:10 PM Paul Moore <paul@paul-moore.com> wrote:
>
> On Tue, Feb 1, 2022 at 12:38 PM Paul Moore <paul@paul-moore.com> wrote:
> > On Fri, Jan 28, 2022 at 3:29 PM <vbendel@redhat.com> wrote:
> > > From: Vratislav Bendel <vbendel@redhat.com>
> > >
> > > Currently there are two users of policydb->cond_list: cond_read_list()
> > > and duplicate_policydb_cond_list(). On their error path one clears
> > > ->cond_list to NULL, but the other doesn't.
> > > Make the behavior consistent by resetting ->cond_list to NULL in
> > > cond_list_destroy(), which is called by both on the error path.
> >
> > It's also important to see if there are any callers of
> > cond_list_destroy() which incorrectly might be making use of
> > policydb::cond_list after it has been freed; thankfully that does not
> > appear to be the case in any of the call paths I looked at just now.
> > As this is more a a style/Right-Thing-To-Do patch and not an immediate
> > bugfix I'm going to go and merge this into selinux/next.
>
> After looking at patches 2/3 and 3/3, ignore the last sentence above
> and see my comments below :)
>
> > Thanks Vratislav.
> >
> > > Signed-off-by: Vratislav Bendel <vbendel@redhat.com>
> > > ---
> > > security/selinux/ss/conditional.c | 2 +-
> > > 1 file changed, 1 insertion(+), 1 deletion(-)
> > >
> > > diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c
> > > index 2ec6e5cd25d9..1d0e5f326b62 100644
> > > --- a/security/selinux/ss/conditional.c
> > > +++ b/security/selinux/ss/conditional.c
> > > @@ -152,6 +152,7 @@ static void cond_list_destroy(struct policydb *p)
> > > for (i = 0; i < p->cond_list_len; i++)
> > > cond_node_destroy(&p->cond_list[i]);
> > > kfree(p->cond_list);
> > > + p->cond_list = NULL;
>
> While patch 1/3 may not be a candidate for selinux/stable-5.17 by
> itself, patch 2/3 definitely qualifies. Considering that both patches
> are small, easily understood, and the likelihood of a merge conflict
> between the two is high, why don't you squash 1/3 and 2/3 together so
> we can submit this for selinux/stable-5.17? In addition, put the two
> lines which reset cond_list and cond_list_len together in v2, it's
> cleaner that way, example below. If you don't have time to do that
> let me know and I can squash them together and move the
> "p->cond_list_len = 0" line (don't worry, I'll preserve your
> name/email as the patch author).
I was also wondering about the possible conflict for submission
into stable. I see no problem with squashing 1/3 and 2/3 together.
I'll send the v2, as per your suggestions. :)
Thank you and have a nice day!
>
> static void cond_list_destroy(...)
> {
>
> /* ... */
>
> kfree(p->cond_list);
> p->cond_list = NULL;
> p->cond_list_len = 0;
> }
>
> > > }
> > >
> > > void cond_policydb_destroy(struct policydb *p)
> > > @@ -441,7 +442,6 @@ int cond_read_list(struct policydb *p, void *fp)
> > > return 0;
> > > err:
> > > cond_list_destroy(p);
> > > - p->cond_list = NULL;
> > > return rc;
> > > }
>
> --
> paul-moore.com
>
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2022-02-02 11:15 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-01-28 20:28 [PATCH 0/3] selinux: Fix and clean policydb->cond_list error paths vbendel
2022-01-28 20:28 ` [PATCH 1/3] selinux: consistently clear cond_list on " vbendel
2022-02-01 17:38 ` Paul Moore
2022-02-01 20:09 ` Paul Moore
2022-02-02 11:15 ` Vratislav Bendel
2022-01-28 20:28 ` [PATCH 2/3] selinux: fix double free of " vbendel
2022-01-28 20:28 ` [PATCH 3/3] selinux: remove duplicate cond_list clean up calls vbendel
2022-02-01 20:09 ` Paul Moore
2022-01-31 12:06 ` [PATCH 0/3] selinux: Fix and clean policydb->cond_list error paths Ondrej Mosnacek
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).