lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <E1I0DmJ-0006yg-00@dorka.pomaz.szeredi.hu>
Date:	Mon, 18 Jun 2007 11:44:07 +0200
From:	Miklos Szeredi <miklos@...redi.hu>
To:	davem@...emloft.net
CC:	akpm@...ux-foundation.org, viro@....linux.org.uk,
	alan@...rguk.ukuu.org.uk, netdev@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] fix race in AF_UNIX

> > > > And is anyone working on a better patch?
> > > 
> > > I have no idea.
> > > 
> > > > Those patches aren't "bad" in the correctness sense.  So IMO any one
> > > > of them is better, than having that bug in there.
> > > 
> > > You're adding a very serious performance regression, which is
> > > about as bad as the bug itself.
> > 
> > No, correctness always trumps performance.
> 
> To a point.  There is no black and white in this world.
> 
> > Lost packets on an AF_UNIX socket are _unexceptable_, and this is
> > definitely not a theoretical problem.
> 
> A lot of people will consider having all of their AF_UNIX sockets on
> their 64 cpu system just stop when garbage collection runs to be
> unacceptable as well.

Garbage collection only ever happens, if the app is sending AF_UNIX
sockets over AF_UNIX sockets.  Which is a rather rare case.  And which
is basically why this bug went unnoticed for so long.

So my second patch only affects the performance of _exactly_ those
apps which might well be bitten by the bug itself.

> Secondarily, this bug has been around for years and nobody noticed.
> The world will not explode if this bug takes a few more days or
> even a week to work out.  Let's do it right instead of ramming
> arbitrary turds into the kernel.

Fine, but just wishing a bug to get fixed won't accomplish anything.
I've spent a fair amount of time debugging this thing, and I'm out of
ideas.  Really.  So unless somebody steps up to look at this, it won't
_ever_ get fixed.

Miklos
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ