| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 30 Aug 2016 14:50:21 -0400
From: Richard Guy Briggs <rgb@...hat.com>
To: Mateusz Guzik <mguzik@...hat.com>
Cc: Konstantin Khlebnikov <khlebnikov@...dex-team.ru>,
ebiederm@...ssion.com, oleg@...hat.com, sgrubb@...hat.com,
pmoore@...hat.com, eparis@...hat.com, luto@...capital.net,
linux-audit@...hat.com, linux-kernel@...r.kernel.org,
Al Viro <viro@...iv.linux.org.uk>
Subject: Re: [PATCHv2 0/2] introduce get_task_exe_file and use it to fix
audit_exe_compare
On 2016-08-23 16:20, Mateusz Guzik wrote:
> audit_exe_compare directly accesses mm->exe_file without making sure the
> object is stable. Fixing it using current primitives results in
> partially duplicating what proc_exe_link is doing.
>
> As such, introduce a trivial helper which can be used in both places and
> fix the func.
>
> Changes since v1:
> * removed an unused 'out' label which crept in
>
> Mateusz Guzik (2):
> mm: introduce get_task_exe_file
> audit: fix exe_file access in audit_exe_compare
The task_lock affects a much bigger struct than the mm ref count. Is
this really necessary? Is a spin-lock significantly lower cost than a
refcount? Other than that, this refactorization looks sensible.
Acked-by: Richard Guy Briggs <rgb@...hat.com>
> fs/proc/base.c | 7 +------
> include/linux/mm.h | 1 +
> kernel/audit_watch.c | 8 +++++---
> kernel/fork.c | 23 +++++++++++++++++++++++
> 4 files changed, 30 insertions(+), 9 deletions(-)
>
> --
> 1.8.3.1
>
- RGB
--
Richard Guy Briggs <rgb@...hat.com>
Kernel Security Engineering, Base Operating Systems, Red Hat
Remote, Ottawa, Canada
Voice: +1.647.777.2635, Internal: (81) 32635
Powered by blists - more mailing lists