| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 20 Dec 2009 17:59:59 -0800 From: ebiederm@...ssion.com (Eric W. Biederman) To: Andi Kleen <andi@...stfloor.org> Cc: linux-kernel@...r.kernel.org, paulmck@...ux.vnet.ibm.com Subject: Re: [PATCH] [0/11] SYSCTL: Use RCU to avoid races with string sysctls Andi Kleen <andi@...stfloor.org> writes: > With BKL-less sysctls most of the writable string sysctls are racy. There > is no locking on the reader side, so a reader could see an inconsistent > string or worse miss the terminating null and walk of beyond it. The walk will only extend up to the maximum length of the string. So the worst case really is inconsistent data. This is an unfortunate corner case. This is not a regression as this has been the way things have worked for years. So probably 2.6.34 material. > This patch kit adds a new "rcu string" variant to avoid these > problems and convers the racy users. One the writer side the strings are > always copied to new memory and the readers use rcu_read_lock() > to get a stable view. For readers who access the string over > sleeps the reader copies the string. I will have to look more after the holidays. This rcu_string looks like it introduces allocations on paths that did not use them before, which has me wondering a bit. Eric -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists