| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <73D0730D-C63C-47EE-AE56-5A0B6A2432D8@dilger.ca>
Date: Tue, 11 Apr 2017 15:02:16 -0600
From: Andreas Dilger <adilger@...ger.ca>
To: Al Viro <viro@...IV.linux.org.uk>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
linux-fsdevel <linux-fsdevel@...r.kernel.org>
Subject: Re: [git pull] vfs fixes
On Apr 11, 2017, at 12:48 AM, Al Viro <viro@...IV.linux.org.uk> wrote:
> On Mon, Apr 10, 2017 at 11:10:19PM -0700, Linus Torvalds wrote:
>
>> It looks odd because the lock part is
>>
>> if (flags & LOOKUP_RCU)
>> rcu_read_lock();
>>
>> ie it's locked conditionally, and the code in between does not seem to
>> return every time LOOKUP_RCU is clear.
>>
>> So mind giving this a look? Is it as obviously buggy as I think it is,
>> or is there something I'm missing?
>
> It's more obscure than I would like, and can grow into a bug one day, but...
> nd_jump_root() can only return non-zero if you have LOOKUP_RCU. So without
> LOOKUP_RCU in flags, this
> if (flags & LOOKUP_RCU)
> rcu_read_lock();
> set_root(nd);
> if (likely(!nd_jump_root(nd)))
> return s;
> nd->root.mnt = NULL;
> rcu_read_unlock();
> won't get to that rcu_read_unlock() at all - it'll get zero from nd_jump_root()
> and proceed to return s;
So possibly a comment like the following would be helpful:
rcu_read_unlock(); /* nd_jump_root() returns if !LOOKUP_RCU */
so that us mere mortals have a chance to understand this in the future?
Cheers, Andreas
Download attachment "signature.asc" of type "application/pgp-signature" (196 bytes)
Powered by blists - more mailing lists