| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <10155.1310202827@redhat.com> Date: Sat, 09 Jul 2011 10:13:47 +0100 From: David Howells <dhowells@...hat.com> To: Edwin van Vliet <edwin@...atah.nl> Cc: dhowells@...hat.com, akpm@...ux-foundation.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] kernel/cred: Fix bug on cred reference count Edwin van Vliet <edwin@...atah.nl> wrote: > The comment above states that the old obj ref and subj ref should BOTH be > released. However, the line is repeated so the old obj ref is released twice > yet the subj ref is not. So either the comment is wrong, or this is simpy a > bug. Releasing the same ref twice seems wrong in any case. The comment is correct and the double release is correct. task_struct has *two* refs to the cred being replaced and both need to be updated: current->real_cred - The objective cred current->cred - The subjective cred The subjective cred is the one used by a task to access other objects; the objective cred details how the task is perceived by the outside world and affects how other tasks act upon it. Normally a task's two cred pointers point to the same cred, but under some circumstances (such as in cachefiles), the subjective cred can be overridden. David -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists