lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Tue, 17 Jun 2014 00:28:00 +0200 (CEST)
From:	Thomas Gleixner <>
To:	Darren Hart <>
cc:	LKML <>,
	Peter Zijlstra <>,
	Ingo Molnar <>,
	Davidlohr Bueso <>,
	Kees Cook <>,
Subject: Re: [patch 1/5] futex: Make unlock_pi more robust

On Tue, 17 Jun 2014, Thomas Gleixner wrote:
> On Mon, 16 Jun 2014, Darren Hart wrote:
> > On Wed, 2014-06-11 at 20:45 +0000, Thomas Gleixner wrote:
> > In wake_futex_pi we verify ownership by matching pi_state->owner ==
> > current, but here the only test is the TID value, which is set by
> > userspace - which we don't trust...
> > 
> > I'm trying to determine if it matters in this case... if there are no
> > waiters, is the pi_state still around? If so, it does indeed matter, and
> > we should be verifying.
> Erm. The whole point of this patch is to do:
>      - Find existing state first and handle it.
>      - If no state exists and TID == current, take it
>      - Otherwise create state

Duh, that was the lock path. But here the point is:

      - Find existing state first and handle it.

      - If no state exists and TID == current, release it

The retry is obvious, right?



To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

Powered by blists - more mailing lists