| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20170106093251.GL3093@worktop>
Date: Fri, 6 Jan 2017 10:32:51 +0100
From: Peter Zijlstra <peterz@...radead.org>
To: Kees Cook <keescook@...omium.org>
Cc: linux-kernel@...r.kernel.org, Ingo Molnar <mingo@...hat.com>,
Arnaldo Carvalho de Melo <acme@...nel.org>,
Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
John Dias <joaodias@...gle.com>, Min Chong <mchong@...gle.com>
Subject: Re: [PATCH] perf: protect group_leader from races that cause ctx
On Thu, Jan 05, 2017 at 03:14:29PM -0800, Kees Cook wrote:
> From: John Dias <joaodias@...gle.com>
>
> When moving a group_leader perf event from a software-context to
> a hardware-context, there's a race in checking and updating that
> context. The existing locking solution doesn't work; note that it tries
> to grab a lock inside the group_leader's context object, which you can
> only get at by going through a pointer that should be protected from these
> races. If two threads trigger this operation simultaneously, the refcount
> of 'perf_event_context' will fall to zero and the object may be freed.
>
> To avoid that problem, and to produce a simple solution, we can just
> use a lock per group_leader to protect all checks on the group_leader's
> context. The new lock is grabbed and released when no context locks are
> held.
This Changelog really stinks. I'll go try and reverse engineer the thing
:-(
Powered by blists - more mailing lists