| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <AANLkTinVHrkLOMBkH3cauQndL03C_mnAJDJNYHa14ysZ@mail.gmail.com>
Date: Tue, 14 Dec 2010 15:30:24 -0800
From: Mike Waychison <mikew@...gle.com>
To: Michał Mirosław <mirqus@...il.com>
Cc: simon.kagstrom@...insight.net, davem@...emloft.net,
nhorman@...driver.com, Matt Mackall <mpm@...enic.com>,
adurbin@...gle.com, linux-kernel@...r.kernel.org,
chavey@...gle.com, Greg KH <greg@...ah.com>,
netdev@...r.kernel.org,
Américo Wang <xiyou.wangcong@...il.com>,
akpm@...ux-foundation.org, linux-api@...r.kernel.org
Subject: Re: [PATCH v3 02/22] netconsole: Introduce locking over the netpoll fields
2010/12/14 Michał Mirosław <mirqus@...il.com>:
> 2010/12/14 Mike Waychison <mikew@...gle.com>:
>> The netconsole driver currently doesn't do any locking over its
>> configuration fields. This can cause problems if we were to ever have
>> concurrent writing to fields while somebody is enabling the service.
>>
>> For simplicity, this patch extends targets_list_lock to cover all
>> configuration fields within the targets. Macros are also added here to
>> wrap accessors so that we check whether the target has been enabled with
>> locking handled.
>>
>> Signed-off-by: Mike Waychison <mikew@...gle.com>
>> Acked-by: Matt Mackall <mpm@...enic.com>
>> ---
>> drivers/net/netconsole.c | 114 ++++++++++++++++++++++++++--------------------
>> 1 files changed, 64 insertions(+), 50 deletions(-)
>>
>> diff --git a/drivers/net/netconsole.c b/drivers/net/netconsole.c
>> index c87a49e..6e16888 100644
>> --- a/drivers/net/netconsole.c
>> +++ b/drivers/net/netconsole.c
>> @@ -327,6 +327,7 @@ static ssize_t store_enabled(struct netconsole_target *nt,
>> const char *buf,
>> size_t count)
>> {
>> + unsigned long flags;
>> int err;
>> long enabled;
>>
>> @@ -335,6 +336,10 @@ static ssize_t store_enabled(struct netconsole_target *nt,
>> return enabled;
>>
>> if (enabled) { /* 1 */
>> + spin_lock_irqsave(&target_list_lock, flags);
>> + if (nt->enabled)
>> + goto busy;
>> + spin_unlock_irqrestore(&target_list_lock, flags);
>>
>
> This looks wrong. Unless there is another lock or mutex covering this
> function, at this point (after spin_unlock_irqrestore()) another
> thread might set nt->enabled = 1.
>
Agreed that this looks wrong :)
It is fixed in the next patch where a state machine is introduced to
replace the binary flag nt->enabled. The code before this patch had
the a very similar problem in that a target could be enabled twice.
store_enabled() would call netpoll_setup() the second time without
checking to see if it was already enabled.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists