Message-id: <op.vj3mn1fl7p4s8u@pikus>
Date:	Tue, 05 Oct 2010 12:41:51 +0200
From:	Michał Nazarewicz <m.nazarewicz@...sung.com>
To:	akpm@...ux-foundation.org, torvalds@...ux-foundation.org,
	Evgeny Kuznetsov <EXT-Eugeny.Kuznetsov@...ia.com>
Cc:	mingo@...e.hu, gregkh@...e.de, a.p.zijlstra@...llo.nl,
	xiaosuo@...il.com, linux-kernel@...r.kernel.org,
	ext-eugeny.kuznetsov@...ia.com
Subject: Re: [PATCH 1/1] wait: using uninitialized member of wait queue

On Tue, 05 Oct 2010 10:47:57 +0200, Evgeny Kuznetsov <EXT-Eugeny.Kuznetsov@...ia.com> wrote:
> Member "flags" of "wait_queue_t" struct  is used in several places in
> kernel code without beeing initialized. "flags" is used in bitwise operations.
                       ^^^^^^ -- "being"

> If "flags" not initialized then unexpected behaviour may have place.
> Incorrect flags maybe used later in code.
> Struct "wait_queue_t" is initialized in function "init_wait()". But
> "init_wait()" do not initialize "flag" member.
                 ^^ -- does         ^^^^ -- "flags"

> Added initialization of "wait_queue_t.flags" with zero value into "init_wait".

> diff --git a/include/linux/wait.h b/include/linux/wait.h
> index 0836ccc..3efc9f3 100644
> --- a/include/linux/wait.h
> +++ b/include/linux/wait.h
> @@ -614,6 +614,7 @@ int wake_bit_function(wait_queue_t *wait, unsigned mode, int sync, void *key);
>  		(wait)->private = current;				\
>  		(wait)->func = autoremove_wake_function;		\
>  		INIT_LIST_HEAD(&(wait)->task_list);			\
> +		(wait)->flags = 0;					\
>  	} while (0)
> /**
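
Review bot: The new `(wait)->flags = 0;` line in init_wait() is a bare zero, with no comment on what a cleared flags word means. The changelog says flags is used uninitialized "in several places" but names none of them. Please name at least one path that reads flags after init_wait() in the commit message. Consider moving the assignment up next to the `private` and `func` assignments, before INIT_LIST_HEAD(), so the scalar members are set as one group. The line also adds one more expansion of the `wait` macro argument, so an argument expression with side effects is evaluated one additional time.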

I'd turn init_wait() into a static inline.  Otherwise looks good to me.
(Interestingly, init_wait() is used only in 3 places in the kernel and
none uses flags.)

-- 
Best regards,                                        _     _
| Humble Liege of Serenely Enlightened Majesty of  o' \,=./ `o
| Computer Science,  Michał "mina86" Nazarewicz       (o o)
+----[mina86*mina86.com]---[mina86*jabber.org]----ooO--(_)--Ooo--