lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 2 May 2014 10:15:30 -0400 From: Richard Guy Briggs <rgb@...hat.com> To: "Serge E. Hallyn" <serge@...lyn.com> Cc: linux-audit@...hat.com, linux-kernel@...r.kernel.org, containers@...ts.linux-foundation.org, serge.hallyn@...ntu.com, eparis@...hat.com, sgrubb@...hat.com, ebiederm@...ssion.com Subject: Re: [PATCH 1/2] namespaces: give each namespace a serial number On 14/05/02, Serge E. Hallyn wrote: > Quoting Richard Guy Briggs (rgb@...hat.com): > > Most of this looks reasonable, but I'm curious about something, > > > +/** > > + * ns_serial - compute a serial number for the namespace > > + * > > + * Compute a serial number for the namespace to uniquely identify it in > > + * audit records. > > + */ > > +unsigned int ns_serial(void) > > +{ > > + static DEFINE_SPINLOCK(serial_lock); > > + static unsigned int serial = 4; /* reserved for IPC, UTS, user, PID */ > > + > > + unsigned long flags; > > + unsigned int ret; > > + > > + spin_lock_irqsave(&serial_lock, flags); > > + do { > > + ret = ++serial; > > + } while (unlikely(!ret)); > > Why exactly are you doing this? Surely if serial is going to > wrap around we've got a bigger problem than just wanting go > bump one more time? Thanks for catching this. The code was templated off audit_serial() which tries to solve a different problem and rolling it is much more likely. I hadn't noticed that rollover protection. However, I *had* thought of making it a long (which would be the same size on 32-bit arches, but larger on 64-bit) since a 64-bit system is more likely to roll it out of sheer speed and resource availability. But perhaps a long long would be safer. > > + spin_unlock_irqrestore(&serial_lock, flags); > > + > > + return ret; > > +} - RGB -- Richard Guy Briggs <rbriggs@...hat.com> Senior Software Engineer, Kernel Security, AMER ENG Base Operating Systems, Red Hat Remote, Ottawa, Canada Voice: +1.647.777.2635, Internal: (81) 32635, Alt: +1.613.693.0684x3545 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists