lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 24 Jul 2009 18:14:49 +0200
From:	Oleg Nesterov <oleg@...hat.com>
To:	Hiroshi Shimamoto <h-shimamoto@...jp.nec.com>
Cc:	Roland McGrath <roland@...hat.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] task_struct cleanup: move binfmt field to mm_struct

On 07/24, Hiroshi Shimamoto wrote:
>
>  int set_binfmt(struct linux_binfmt *new)
>  {
> -	struct linux_binfmt *old = current->binfmt;
> +	struct linux_binfmt *old;
>
> +	if (!current->mm)
> +		return -1;
> +
> +	old = current->mm->binfmt;
>  	if (new) {
>  		if (!try_module_get(new->module))
>  			return -1;
>  	}
> -	current->binfmt = new;
> +	current->mm->binfmt = new;

Hmm. Of-topic, but I think set_binfmt() is buggy (with or without this patch),
it should use __module_get(). I'll send the fix in a minute.

> @@ -1730,7 +1734,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
>
>  	audit_core_dumps(signr);
>
> -	binfmt = current->binfmt;
> +	binfmt = current->mm ? current->mm->binfmt : NULL;

current->mm can't be NULL here. And please note we already have
struct mm_struct *mm = current->mm, so the above should be

	 binfmt = mm->binfmt;

> @@ -953,6 +953,9 @@ NORET_TYPE void do_exit(long code)
>  	tsk->exit_code = code;
>  	taskstats_exit(tsk, group_dead);
>
> +	if (tsk->mm && tsk->mm->binfmt)
> +		module_put(tsk->mm->binfmt->module);

This is not right. We leak ->binfmt on exec.

Seems to be fixed by the next patch, but still this is not good.
I'd suggest you to merge these 2 patches into single patch, because
module_put(->binfmt) should go to mmput() from the very beginning.

Oleg.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ