| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1339145227.23343.42.camel@twins> Date: Fri, 08 Jun 2012 10:47:07 +0200 From: Peter Zijlstra <peterz@...radead.org> To: Oleg Nesterov <oleg@...hat.com> Cc: Hugh Dickins <hughd@...gle.com>, Ingo Molnar <mingo@...e.hu>, Srikar Dronamraju <srikar@...ux.vnet.ibm.com>, Ananth N Mavinakayanahalli <ananth@...ibm.com>, Anton Arapov <anton@...hat.com>, Linus Torvalds <torvalds@...ux-foundation.org>, Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>, linux-kernel@...r.kernel.org Subject: Re: [PATCH 3/3] uprobes: write_opcode()->__replace_page() can race with try_to_unmap() On Thu, 2012-06-07 at 19:00 +0200, Oleg Nesterov wrote: > write_opcode() gets old_page via get_user_pages() and then calls > __replace_page() which assumes that this old_page is still mapped > after pte_offset_map_lock(). > > This is not true if this old_page was already try_to_unmap()'ed, > and in this case everything __replace_page() does with old_page > is wrong. Just for example, put_page() is not balanced. > > I think it is possible to teach __replace_page() to handle this > unlikely case correctly, but this patch simply changes it to use > page_check_address() and return -EAGAIN if it fails. The caller > should notice this error code and retry. Note that replace_page() was nicked from ksm, does that suffer a similar problem? -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists