| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <m1fxz4ws2z.fsf@ebiederm.dsl.xmission.com> Date: Sat, 17 Nov 2007 13:11:00 -0700 From: ebiederm@...ssion.com (Eric W. Biederman) To: Oleg Nesterov <oleg@...sign.ru> Cc: Andrew Morton <akpm@...ux-foundation.org>, Pavel Emelyanov <xemul@...nvz.org>, linux-kernel@...r.kernel.org Subject: Re: [PATCH] do_task_stat: don't use task_pid_nr_ns() lockless Oleg Nesterov <oleg@...sign.ru> writes: > Without rcu/tasklist/siglock lock task_pid_nr_ns() may read the freed memory, > move the callsite under ->siglock. > > Sadly, we can report pid == 0 if the task was detached. We only get detached in release_task so it is a pretty small window where we can return pid == 0. Usually get_task_pid will fail first and we will return -ESRCH. Still the distance from open to There is another bug in here as well. current->nsproxy->pid_ns is wrong. What we want is: ns = dentry->d_sb->s_fs_info; Otherwise we will have file descriptor passing races and the like. We could also do: proc_pid(inode) to get the pid, which is a little more race free, and will prevent us from returning pid == 0. In either event it looks like we need to implement some proper file operations for these proc files, maybe even going to seq file status. Eric - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists