| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20120116185924.GA24418@redhat.com>
Date: Mon, 16 Jan 2012 19:59:24 +0100
From: Oleg Nesterov <oleg@...hat.com>
To: Christopher Yeoh <cyeoh@....ibm.com>
Cc: linux-kernel@...r.kernel.org,
Linus Torvalds <torvalds@...ux-foundation.org>,
Andrew Morton <akpm@...ux-foundation.org>,
David Howells <dhowells@...hat.com>
Subject: Re: [PATCH] Fix race in process_vm_rw_core
On 01/16, Christopher Yeoh wrote:
>
> +struct mm_struct *get_check_task_mm(struct task_struct *task, unsigned int mode)
> +{
> + struct mm_struct *mm;
> + int err;
> +
> + err = mutex_lock_killable(&task->signal->cred_guard_mutex);
> + if (err)
> + return ERR_PTR(err);
> +
> + task_lock(task);
> + mm = task->mm;
> + if (mm != current->mm && __ptrace_may_access(task, mode)) {
> + mm = ERR_PTR(-EACCES);
> + goto out;
> + }
> +
> + if (mm) {
> + if (task->flags & PF_KTHREAD)
> + mm = NULL;
> + else
> + atomic_inc(&mm->mm_users);
> + }
This still looks a bit strange, we call __ptrace_may_access()
before we check ->mm != NULL even if this is safe... Really, we
would simply fix the bug then try to microoptimize this code.
But OK, I promised I won't argue ;)
I believe the patch is correct and fixes the problem.
Oleg.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists