| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 26 Nov 2006 10:12:54 +0000
From: Al Viro <viro@....linux.org.uk>
To: Eugene Teo <eteo@...hat.com>
Cc: lksctp-developers@...ts.sourceforge.net,
linux-kernel@...r.kernel.org
Subject: Re: [2.6 patch] net/sctp/socket.c: add missing sctp_spin_unlock_irqrestore
On Sun, Nov 26, 2006 at 06:00:53PM +0800, Eugene Teo wrote:
> This patch adds a missing sctp_spin_unlock_irqrestore when returning
> from "if(space_left<addrlen)" condition.
> if (copy_to_user(*to, &temp, addrlen)) {
> - sctp_spin_unlock_irqrestore(&sctp_local_addr_lock,
> - flags);
> - return -EFAULT;
> + err = -EFAULT;
> + goto unlock;
> + sctp_spin_unlock_irqrestore(&sctp_local_addr_lock, flags);
> + return err;
> }
You do realize that it's obviously still badly broken, don't you?
copy_to_user() under a spinlock is a recipe for deadlock, especially
if you've got interrupts disabled...
I have a beginning of locking fixes in that shitpile, but it's incomplete
and bloody painful ;-/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists