| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 9 Jun 2010 10:23:16 -0700 (PDT) From: Linus Torvalds <torvalds@...ux-foundation.org> To: tytso@....edu cc: Ingo Molnar <mingo@...e.hu>, Salman <sqazi@...gle.com>, Andrew Morton <akpm@...ux-foundation.org>, peterz@...radead.org, akpm@...x-foundation.org, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, tytso@...gle.com, Thomas Gleixner <tglx@...utronix.de> Subject: Re: [PATCH] Fix a race in pid generation that causes pids to be reused immediately. On Wed, 9 Jun 2010, tytso@....edu wrote: > > This brings up a question. If we're going to use a cmpxchg() loop, is > there any point to doing the test-and-set game with the bitmap? I think there very much is. Otherwise you have three threads, two of which pick the same pid (because the test-and-set isn't atomic), and a third of which picks a new one. The cmpxchg succeeds (the third one wins, and everybody picks that winner), but you only expanded the map by two entries, and you're going to return the same pid nr to two people. So the cmpxchg only protects "last_pid". It does _not_ in any way protect the pid we're actually going to return. Or am I missing something? Linus -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists