| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <AANLkTilT3D8c86LYK2DxcNpM2F3D8iCbgY_sfUg8h58p@mail.gmail.com> Date: Tue, 25 May 2010 13:28:19 -0400 From: Mike Frysinger <vapier.adi@...il.com> To: Oleg Nesterov <oleg@...hat.com> Cc: David Howells <dhowells@...hat.com>, Roland McGrath <roland@...hat.com>, Andrew Morton <akpm@...ux-foundation.org>, linux-sh@...r.kernel.org, Paul Mundt <lethal@...ux-sh.org>, uclinux-dist-devel@...ckfin.uclinux.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH -mm 1/1] ptrace: PTRACE_GETFDPIC: fix the unsafe usage of child->mm On Tue, May 25, 2010 at 06:23, Oleg Nesterov wrote: > - arch/blackfin/kernel/ptrace.c:is_user_addr_valid() > needs mmap_sem around find_vma() > > The lockless access to mm->context.sram_list doesn't look > safe to me. > > If we add get_task_mm() - this protects us against > destroy_context() only. What is the tracee's sub-thread > does sys_sram_alloc() or sys_sram_free() in parallel? i dont believe there are any code paths in UP systems where this would be a practical problem because sram_list is only updated by syscalls from userspace. we probably should add proper locking to this structure though. i'll open a tracker item about it, thanks ! -mike -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists