lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20101231142536.GB22593@mail.hallyn.com>
Date:	Fri, 31 Dec 2010 14:25:36 +0000
From:	"Serge E. Hallyn" <serge@...lyn.com>
To:	Hillf Danton <dhillf@...il.com>
Cc:	linux-kernel@...r.kernel.org, "Serge E. Hallyn" <serge@...lyn.com>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	stable@...nel.org
Subject: Re: [PATCH] fix freeing user_struct in user cache

Quoting Hillf Danton (dhillf@...il.com):
> When racing on adding into user cache, the new allocated from mm slab
> is freed without putting user namespace.
> 
> Since the user namespace is already operated by getting, putting has
> to be issued.
> 
> Signed-off-by: Hillf Danton <dhillf@...il.com>

which was previously

> Acked-by: Serge Hallyn <serge@...lyn.com>

thanks again, Hillf.

> ---
> 
> --- a/kernel/user.c	2010-11-01 19:54:12.000000000 +0800
> +++ b/kernel/user.c	2010-12-23 20:42:00.000000000 +0800
> @@ -158,6 +158,7 @@ struct user_struct *alloc_uid(struct use
>  		spin_lock_irq(&uidhash_lock);
>  		up = uid_hash_find(uid, hashent);
>  		if (up) {
> +			put_user_ns(ns);
>  			key_put(new->uid_keyring);
>  			key_put(new->session_keyring);
>  			kmem_cache_free(uid_cachep, new);
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ