On 27.02.23 20:59, George Kennedy wrote: > Hello Thomas, > > On 2/27/2023 9:20 AM, Linux regression tracking (Thorsten Leemhuis) wrote: >> Hi, this is your Linux kernel regression tracker. Top-posting for once, >> to make this easily accessible to everyone. >> >> George, is there anything we can do to help you moving forward to >> finally get this regression fixed? It seems (or am I missing something?) >> everyone is waiting for you (see below) to act on the feedback Jiri >> provided here: >> >> https://lore.kernel.org/lkml/8dffe187-240d-746e-ed84-885ffd2785f6@xxxxxxxxxx/ >> >> Side note: would be good to add a "Link:" tag pointing to the start of >> this thread as well, but that's just a detail. > > I just sent the requested patch up for review. > > https://lore.kernel.org/lkml/1677527001-17459-1-git-send-email-george.kennedy@xxxxxxxxxx/ Thx for handling this! And I see it very quickly made its way to mainline. :-D Ciao, Thorsten >> On 21.02.23 14:50, Greg Kroah-Hartman wrote: >>> On Tue, Feb 21, 2023 at 08:30:11AM -0500, George Kennedy wrote: >>>> On 2/20/2023 11:34 AM, Thomas Weißschuh wrote: >>>>> +Cc people who were involved in the original thread. >>>>> >>>>> On Mon, Feb 20, 2023 at 12:48:59PM +0100, Jiri Slaby wrote: >>>>>> On 20. 02. 23, 7:46, linux@xxxxxxxxxxxxxx wrote: >>>>>>> From: Thomas Weißschuh <linux@xxxxxxxxxxxxxx> >>>>>>> >>>>>>> Commit 226fae124b2d >>>>>>> ("vc_screen: move load of struct vc_data pointer in vcs_read() to >>>>>>> avoid UAF") >>>>>>> moved the call to vcs_vc() into the loop. >>>>>>> While doing this it also moved the unconditional assignment of >>>>>>> "ret = -ENXIO". >>>>>>> This unconditional assignment was valid outside the loop but >>>>>>> within it >>>>>>> it clobbers the actual value of ret. >>>>>>> >>>>>>> To avoid this only assign "ret = -ENXIO" when actually needed. >>>>>> Not sure -- I cannot find it -- but hasn't George fixed this yet? >>>>> Indeed there was a proposed fix at >>>>> https://lore.kernel.org/lkml/1675704844-17228-1-git-send-email-george.kennedy@xxxxxxxxxx/ >>>>> >>>>> Linus had some suggestions so it was not applied as is. >>>>> >>>>> I'm not sure what the current state is. >>>>> George, do you have something in the pipeline? >>>> Yes, that is in the pipeline: >>>> https://lore.kernel.org/lkml/1675774098-17722-1-git-send-email-george.kennedy@xxxxxxxxxx/ >>>> >>>> Linus suggested the fix, which was tested and submitted. >>>> >>>> Jiri commented on the patch, which I believe was directed at Linus >>>> as he >>>> suggested the fix. >>> And I was waiting for a new version from you based on those comments :( >>> >>> Can you fix that up and send? >>> >>> thanks, >>> >>> greg k-h >> #regzbot monitor: >> https://lore.kernel.org/lkml/1675774098-17722-1-git-send-email-george.kennedy@xxxxxxxxxx/ >> #regzbot poke > > >
