On Mon, 29 Jul 2024 18:29:49 +0530
Ajay Kaher wrote:
> Following is not related to this bug:
> event_release callback executed once 'dir' closed (no more ref), any
> specific reason to register with 'dir'/'enable' file. If not, could we
> register with the 'dir' instead of 'enable'.
I tried that
On Thu, 25 Jul 2024 20:15:17 -0400
Steven Rostedt wrote:
> From: Steven Rostedt
>
> When eventfs was introduced, special care had to be done to coordinate the
> freeing of the file meta data with the files that are exposed to user
> space. The file meta data would have a ref count that is set w
On Fri, Jul 26, 2024 at 9:33 PM Steven Rostedt wrote:
>
> On Fri, 26 Jul 2024 18:00:18 +0530
> Ajay Kaher wrote:
>
> > Some doubt:
> > Because of the same race condition, it may happen that kmem_cache_free(file)
> > was executed while f_start() is waiting to get event_mutex. Once
> > f_start() ac
On Fri, 26 Jul 2024 21:58:30 +0200
Mathias Krause wrote:
> >>
> >> IMHO, this needs at least the following additional fixes tags to ensure
> >> all stable kernels get covered:
> >>
> >> Fixes: 5790b1fb3d67 ("eventfs: Remove eventfs_file and just use
> >> eventfs_inode")
> >> Fixes: 27152bceea1d ("
On 26.07.24 16:52, Steven Rostedt wrote:
> On Fri, 26 Jul 2024 12:16:16 +0200
> Mathias Krause wrote:
>
>>>
>>> With KASAN memory checking, it would trigger a use-after-free bug. This was
>>>
>>
>> The UAF bug is there even without KASAN. It's just that KASAN makes it
>> much easier to detect
On Fri, 26 Jul 2024 18:00:18 +0530
Ajay Kaher wrote:
> Some doubt:
> Because of the same race condition, it may happen that kmem_cache_free(file)
> was executed while f_start() is waiting to get event_mutex. Once
> f_start() acquires
> event_mutex, it will access the *file which points to the fre
On Fri, 26 Jul 2024 12:16:16 +0200
Mathias Krause wrote:
> >
> > With KASAN memory checking, it would trigger a use-after-free bug. This was
> >
>
> The UAF bug is there even without KASAN. It's just that KASAN makes it
> much easier to detect and catch early.
Well the bug happens without K
On Fri, Jul 26, 2024 at 5:45 AM Steven Rostedt wrote:
>
> From: Steven Rostedt
>
> When eventfs was introduced, special care had to be done to coordinate the
> freeing of the file meta data with the files that are exposed to user
> space. The file meta data would have a ref count that is set when
On 26.07.24 02:15, Steven Rostedt wrote:
> From: Steven Rostedt
>
> When eventfs was introduced, special care had to be done to coordinate the
> freeing of the file meta data with the files that are exposed to user
> space. The file meta data would have a ref count that is set when the file
> is