| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20110315135137.GA27545@infradead.org>
Date: Tue, 15 Mar 2011 09:51:37 -0400
From: Christoph Hellwig <hch@...radead.org>
To: Phil Carmody <ext-phil.2.carmody@...ia.com>
Cc: menage@...gle.com, lizf@...fujitsu.com,
containers@...ts.linux-foundation.org,
linux-kernel@...r.kernel.org, akpm@...ux-foundation.org
Subject: Re: [PATCH 0/2] suck some poison out of cgroups' linked lists
On Tue, Mar 15, 2011 at 03:08:41PM +0200, Phil Carmody wrote:
> Apparently, whether nodes are on a list is being checked with list_empty(),
> and if they're on a list, they're list_del()ed. According to a subsequent
> list_empty() check, they're still on a list, as list_del() doesn't turn
> the nodes into singleton lists, it simply poisons both its pointers, and
> merry poison dereferencing may ensue. Oops.
>
> There are at least 2 to address this matter, I've gone for the latter:
>
> 1) Do not use list_empty() to check if a node is on a list or not. Have
> an additional new function that checks to see whether the node is either
> a singleton or is poisoned. Something like list_node_{on,off}_list()?
>
> 2) Ensure that you never leave poison anywhere where you might want
> to use list_empty().
The correct way is to use list_del_init() if you want to do list_empty
checks later on.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists