lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Thu, 23 Feb 2012 10:45:00 -0800
From:	Andi Kleen <>
To:	Dave Hansen <>
Subject: Re: [RFC][PATCH] fix move/migrate_pages() race on task struct

Dave Hansen <> writes:

> sys_move_pages() and sys_migrate_pages() are a pretty nice copy
> and paste job of each other.  They both take a pid, find the task
> struct, and then grab a ref on the mm.  They both also do an
> rcu_read_unlock() after they've taken the mm and then proceed to
> access 'task'.  I think this is a bug in both cases.

Can we share code?

> This patch takes the pid-to-task code along with the credential
> and security checks in sys_move_pages() and sys_migrate_pages()
> and consolidates them.  It now takes a task reference in
> the new function and requires the caller to drop it.  I
> believe this resolves the race.

Looks good to me.

Reviewed-by: Andi Kleen <>

BTW looks like we really need a better stress test for these


-- -- Speaking for myself only
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

Powered by blists - more mailing lists