| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 15 May 2010 18:17:17 +0400 From: Andrew Vagin <avagin@...il.com> To: Oleg Nesterov <oleg@...hat.com> CC: Stanislaw Gruszka <sgruszka@...hat.com>, Andrey Vagin <avagin@...nvz.org>, Thomas Gleixner <tglx@...utronix.de>, Andrew Morton <akpm@...ux-foundation.org>, linux-kernel@...r.kernel.org, stable@...nel.org, Pavel Emelyanov <xemul@...nvz.org> Subject: Re: [PATCH 2/2] posix_timer: clean up properly if anything fails after *_timer_create On 05/14/2010 10:48 PM, Oleg Nesterov wrote: > On 05/14, Stanislaw Gruszka wrote: > >> On Fri, 14 May 2010 18:03:57 +0200 >> Oleg Nesterov<oleg@...hat.com> wrote: >> >> >>> On 05/14, Andrey Vagin wrote: >>> >>>> @@ -613,6 +613,8 @@ SYSCALL_DEFINE3(timer_create, const clockid_t, which_clock, >>>> * and may cease to exist at any time. Don't use or modify >>>> * new_timer after the unlock call. >>>> */ >>>> +out_cleanup: >>>> + CLOCK_DISPATCH(new_timer->it_clock, timer_cleanup, (new_timer)); >>>> >>> But at first glance you are right, posix_cpu_timer_create() does >>> get_task_struct(it.cpu.task). >>> >> If I understand problem correctly, seems to be fine to move >> CLOCK_DISPATCH(which_clock, timer_create, (new_timer)); >> after all possible EFAULT errors and solve leak without creating >> new timer_cleanup() callback. >> > I thought about this too, we are doing copy_to_user(created_timer_id) > "in advance" anyway. Probably we can move all this code block > > new_timer->it_id = (timer_t) new_timer_id; > new_timer->it_clock = which_clock; > new_timer->it_overrun = -1; > error = CLOCK_DISPATCH(which_clock, timer_create, (new_timer)); > if (error) > goto out; > > down, right before we take ->siglock. > You are right. I will send a new patch sooner. Thanks for your comments. > But I don't understand the change in posix_cpu_timer_del() from 1/2. > timer_cleanup doesn't do the disarm timer. In case fail in timer_create it's enough to call timer_cleanup. This changes are not necessary in new version. > > Otoh, currently "The next step is hard to back out if there is an error" > comment is not right, release_posix_timer() does put_pid(). We can > move copy_to_user(created_timer_id) down after "if (timer_event_spec)" > block too. (but before CLOCK_DISPATCH(), of course). > > Andrey, what do you think? > I've look at code again and think that you are right. At first I created patches for 2.6.18 kernel, more complex code in this place and the comment "the next step is ..." induced me to make callback timer_cleanup. > Oleg. > > -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists