| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <31182.1505838148@warthog.procyon.org.uk>
Date: Tue, 19 Sep 2017 17:22:28 +0100
From: David Howells <dhowells@...hat.com>
To: Eric Biggers <ebiggers3@...il.com>
Cc: dhowells@...hat.com, keyrings@...r.kernel.org,
Michael Halcrow <mhalcrow@...gle.com>,
linux-security-module@...r.kernel.org,
linux-kernel@...r.kernel.org, Eric Biggers <ebiggers@...gle.com>,
stable@...r.kernel.org
Subject: Re: [PATCH] KEYS: fix race between updating and finding negative key
Eric Biggers <ebiggers3@...il.com> wrote:
> Fix the bug by moving ->reject_error out of the union with ->payload,
> then using nonzero ->reject_error to mean that the key is negative.
>
> This eliminates the need for KEY_FLAG_NEGATIVE, which we remove as well
> so that we don't have to handle memory ordering between
> KEY_FLAG_NEGATIVE and ->reject_error. We *do* still need to handle
> memory ordering between KEY_FLAG_INSTANTIATED and ->reject_error, but
> that was needed before (and for KEY_FLAG_NEGATIVE as well --- though it
> wasn't done correctly, which was another bug).
Hmmm... My only objection is that it extends struct key still further, but
you do have a point.
If we're going to do this, can we eliminate KEY_FLAG_INSTANTIATED also and
make ->reject_error into ->status?
0 -> uninstantiated
1 -> instantiated
<0 -> negatively instantiated/rejected
Also, can we make it a short int please?
Also, can setting this field be done with a release barrier rather than a
write barrier?
David
Powered by blists - more mailing lists