| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 3 Aug 2008 00:27:39 +0200 (CEST) From: Sven Wegener <sven.wegener@...aler.net> To: Oliver Pinter <pinter.oliver.villany@...il.com> cc: Oleg Nesterov <oleg@...sign.ru>, linux-kernel@...r.kernel.org, w@....eu, Roland McGrath <roland@...hat.com>, john stultz <johnstul@...ibm.com>, Thomas Gleixner <tglx@...utronix.de>, Roland McGrath <roland@...hat.com>, Oliver Pinter <oliver.pntr@...il.com> Subject: Re: [RFC, 2.6.26.2-rc1] posix timers: release_posix_timer: kill the bogus put_task_struct(->it_process) On Sat, 2 Aug 2008, Oliver Pinter wrote: > It is an RFC for sending this patch for stable, when this patch needed, then send ACK and CC stable, > if not then send NAK. I'd say big NAK. Have you ever looked at the full commit message and patch at all? It says "release_posix_timer() can't be called with ->it_process != NULL.". Point. The rest is the explanation why this can't happen. And looking at the patch, we see that it just removes code that actually never gets executed under the mentioned preconditions. It's a pure cleanup patch and doesn't qualify for -stable. Same goes for the other posix timer patch you mailed out. > --- > From 96347e7759e2e433c427defa0fa1adfc8cce6226 Mon Sep 17 00:00:00 2001 > From: Oleg Nesterov <oleg@...sign.ru> > Date: Fri, 25 Jul 2008 01:47:27 -0700 > Subject: [PATCH] posix timers: release_posix_timer: kill the bogus put_task_struct(->it_process); > > [ Upstream commit 96347e7759e2e433c427defa0fa1adfc8cce6226 ] > > release_posix_timer() can't be called with ->it_process != NULL. Once > sys_timer_create() sets ->it_process it must not call > release_posix_timer(), otherwise we can race with another thread doing > sys_timer_delete(), this timer is visible to idr_find() and unlocked. > > The same is true for two other callers (actually, for any possible > caller), sys_timer_delete() and itimer_delete(). They must clear > ->it_process before unlock_timer() + release_posix_timer(). > > Signed-off-by: Oleg Nesterov <oleg@...sign.ru> > Acked-by: Roland McGrath <roland@...hat.com> > Cc: john stultz <johnstul@...ibm.com> > Cc: Thomas Gleixner <tglx@...utronix.de> > Cc: Roland McGrath <roland@...hat.com> > Signed-off-by: Andrew Morton <akpm@...ux-foundation.org> > Signed-off-by: Linus Torvalds <torvalds@...ux-foundation.org> > CC: Oliver Pinter <oliver.pntr@...il.com> > > diff --git a/kernel/posix-timers.c b/kernel/posix-timers.c > index 17f5326..9a21681 100644 > --- a/kernel/posix-timers.c > +++ b/kernel/posix-timers.c > @@ -449,9 +449,6 @@ static void release_posix_timer(struct k_itimer *tmr, int it_id_set) > spin_unlock_irqrestore(&idr_lock, flags); > } > sigqueue_free(tmr->sigq); > - if (unlikely(tmr->it_process) && > - tmr->it_sigev_notify == (SIGEV_SIGNAL|SIGEV_THREAD_ID)) > - put_task_struct(tmr->it_process); > kmem_cache_free(posix_timers_cache, tmr); > } > -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists