lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sun, 22 Sep 2013 10:17:03 +0200 From: Mike Galbraith <bitbucket@...ine.de> To: Jia He <jiakernel@...il.com> Cc: linux-kernel@...r.kernel.org, Davidlohr Bueso <davidlohr.bueso@...com>, Andrew Morton <akpm@...ux-foundation.org>, Rik van Riel <riel@...hat.com>, Manfred Spraul <manfred@...orfullife.com>, Al Viro <viro@...iv.linux.org.uk> Subject: Re: [PATCH] ipc/sem.c: fix update sem_otime when calling sem_op in semaphore initialization On Sun, 2013-09-22 at 10:11 +0800, Jia He wrote: > In commit 0a2b9d4c,the update of semaphore's sem_otime(last semop time) > was removed because he wanted to move setting sem->sem_otime to one > place. But after that, the initial semop() will not set the otime > because its sem_op value is 0(in semtimedop,will not change > otime if alter == 1). > > the error case: > process_a(server) process_b(client) > semget() > semctl(SETVAL) > semop() > semget() > setctl(IP_STAT) > for(;;) { <--not successful here > check until sem_otime > 0 > } Why not.. ipc,sem: Create semaphores with plausible sem_otime. Signed-off-by: Mike Galbraith <bitbucket@...ine.de> diff --git a/ipc/sem.c b/ipc/sem.c index 4108889..f2564d7 100644 --- a/ipc/sem.c +++ b/ipc/sem.c @@ -471,19 +471,20 @@ static int newary(struct ipc_namespace *ns, struct ipc_params *params) ns->used_sems += nsems; sma->sem_base = (struct sem *) &sma[1]; + sma->complex_count = 0; + INIT_LIST_HEAD(&sma->pending_alter); + INIT_LIST_HEAD(&sma->pending_const); + INIT_LIST_HEAD(&sma->list_id); + sma->sem_nsems = nsems; + sma->sem_ctime = get_seconds(); for (i = 0; i < nsems; i++) { INIT_LIST_HEAD(&sma->sem_base[i].pending_alter); INIT_LIST_HEAD(&sma->sem_base[i].pending_const); spin_lock_init(&sma->sem_base[i].lock); + sma->sem_base[i].sem_otime = sma->sem_ctime; } - sma->complex_count = 0; - INIT_LIST_HEAD(&sma->pending_alter); - INIT_LIST_HEAD(&sma->pending_const); - INIT_LIST_HEAD(&sma->list_id); - sma->sem_nsems = nsems; - sma->sem_ctime = get_seconds(); sem_unlock(sma, -1); rcu_read_unlock(); -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists