| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 10 Jun 2008 15:58:29 -0400 From: Trond Myklebust <trond.myklebust@....uio.no> To: Jeff Layton <jlayton@...hat.com> Cc: Daniel J Blueman <daniel.blueman@...il.com>, linux-nfs@...r.kernel.org, nfsv4@...ux-nfs.org, Linux Kernel <linux-kernel@...r.kernel.org> Subject: Re: [2.6.26-rc4] mount.nfsv4/memory poisoning issues... On Tue, 2008-06-10 at 15:13 -0400, Jeff Layton wrote: > I think you're basically correct, but it looks to me like the > nfs_callback_mutex actually protects nfs_callback_info.task as well. > > If we're starting the thread, then we can't call kthread_stop on it > until we release the mutex. So the thread can't exit until we release > the mutex, and we can be guaranteed that this: > > nfs_callback_info.task = NULL; > > ...can't happen until after kthread_run returns and nfs_callback_up > sets it. > > If that's right, then maybe this (untested, RFC only) patch would make sense? Hmm... I suppose that is correct, but what if nfs_alloc_client() does nfs_callback_up(); <kstrdup() fails> nfs_callback_down(); AFAICS, if nfs_callback_down() gets called before the kthread() function gets scheduled back in, then you can get left with a value of nfs_callback_info.task != NULL, since nfs_callback_svc() will never be called. Wouldn't it therefore make more sense to clear nfs_callback_info.task in nfs_callback_down()? Cheers Trond -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists