lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Mon, 04 Sep 2006 16:36:19 +0100
From:	Alan Cox <alan@...rguk.ukuu.org.uk>
To:	akpm@...l.org
Cc:	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] audit/accounting: tty locking

Ar Llu, 2006-09-04 am 15:36 +0100, ysgrifennodd Alan Cox:
> Fairly basic stuff .. make sure the name we are encoding doesn't vanish
> under us.

Here's a replacement that is more paranoid about the locking as
suggested by Arjan. The whole current->signal-> locking is all deeply
strange but its for someone else to sort out. Add rather than replace
the lock for acct.c

Signed-off-by: Alan Cox <alan@...hat.com>

diff -u --new-file --recursive --exclude-from /usr/src/exclude linux.vanilla-2.6.18-rc5-mm1/kernel/acct.c linux-2.6.18-rc5-mm1/kernel/acct.c
--- linux.vanilla-2.6.18-rc5-mm1/kernel/acct.c	2006-09-01 13:39:20.000000000 +0100
+++ linux-2.6.18-rc5-mm1/kernel/acct.c	2006-09-04 15:47:58.324205496 +0100
@@ -483,10 +483,14 @@
 	ac.ac_ppid = current->parent->tgid;
 #endif
 
-	read_lock(&tasklist_lock);	/* pin current->signal */
+	mutex_lock(&tty_mutex);
+	/* FIXME: Whoever is responsible for current->signal locking needs
+	   to use the same locking all over the kernel and document it */
+	read_lock(&tasklist_lock);
 	ac.ac_tty = current->signal->tty ?
 		old_encode_dev(tty_devnum(current->signal->tty)) : 0;
 	read_unlock(&tasklist_lock);
+	mutex_unlock(&tty_mutex);
 
 	spin_lock_irq(&current->sighand->siglock);
 	ac.ac_utime = encode_comp_t(jiffies_to_AHZ(cputime_to_jiffies(pacct->ac_utime)));
diff -u --new-file --recursive --exclude-from /usr/src/exclude linux.vanilla-2.6.18-rc5-mm1/kernel/auditsc.c linux-2.6.18-rc5-mm1/kernel/auditsc.c
--- linux.vanilla-2.6.18-rc5-mm1/kernel/auditsc.c	2006-09-01 13:39:20.000000000 +0100
+++ linux-2.6.18-rc5-mm1/kernel/auditsc.c	2006-09-01 13:55:51.000000000 +0100
@@ -766,6 +766,8 @@
 		audit_log_format(ab, " success=%s exit=%ld", 
 				 (context->return_valid==AUDITSC_SUCCESS)?"yes":"no",
 				 context->return_code);
+				 
+	mutex_lock(&tty_mutex);
 	if (tsk->signal && tsk->signal->tty && tsk->signal->tty->name)
 		tty = tsk->signal->tty->name;
 	else
@@ -787,6 +789,9 @@
 		  context->gid,
 		  context->euid, context->suid, context->fsuid,
 		  context->egid, context->sgid, context->fsgid, tty);
+
+	mutex_unlock(&tty_mutex);
+	
 	audit_log_task_info(ab, tsk);
 	if (context->filterkey) {
 		audit_log_format(ab, " key=");

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists