| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 15 Nov 2010 23:37:28 +0300 From: Vladislav Bolkhovitin <vst@...b.net> To: Dmitry Torokhov <dmitry.torokhov@...il.com> CC: Boaz Harrosh <bharrosh@...asas.com>, Greg KH <greg@...ah.com>, linux-scsi@...r.kernel.org, linux-kernel@...r.kernel.org, scst-devel <scst-devel@...ts.sourceforge.net>, James Bottomley <James.Bottomley@...senPartnership.com>, Andrew Morton <akpm@...ux-foundation.org>, FUJITA Tomonori <fujita.tomonori@....ntt.co.jp>, Mike Christie <michaelc@...wisc.edu>, Vu Pham <vuhuong@...lanox.com>, Bart Van Assche <bart.vanassche@...il.com>, James Smart <James.Smart@...lex.Com>, Joe Eykholt <jeykholt@...co.com>, Andy Yan <ayan@...vell.com>, Chetan Loke <generationgnu@...oo.com>, Hannes Reinecke <hare@...e.de>, Richard Sharpe <realrichardsharpe@...il.com>, Daniel Henrique Debonzi <debonzi@...ux.vnet.ibm.com> Subject: Re: [PATCH 8/19]: SCST SYSFS interface implementation Dmitry Torokhov, on 11/15/2010 10:04 AM wrote: >> 1. What to do if another SCST object is being created with the same name >> as supposed to be deleted, but not completely dead yet? > > The same rules as with files - the object disappears from the > "directories" so no new users can get it but is not destroyed till last > reference is gone. > >> >> 2. What to do if a dieing object is found on some list and reference for >> is supposed to be taken? If the object deleted from the list before it >> marked dieing, i.e. the latest internal put() done, it made additional >> problems during deleting it after the latest external put done. > > You delete the object from the list, then mark it as dead, notify users, > drop refcount. No new users will get it (as it is not on the list > anymore) and existing ones should notice that it is dead and stop using > it. Those are good in theory, but on practice, you know, devil is in the details.. >> This is because SYSFS doesn't hold references for the corresponding >> kobjects for every open file handle. It holds references only when >> show() and store() functions called. So, everything is under control and >> a malicious user can do nothing to hold a reference forever. > > Right, Tejun plugged this particular (and very annoying) attributes > behavior This behavior isn't annoying, it's GREAT, because it allows to use SYSFS simply and reliably. >, but that does not mean that this is the only way kobject's > reference might be pinned. Could you be more specific and point out on exact ways for that? From my quite deep SYSFS source code study I see such cases should not exist. Thanks, Vlad -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists