| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20181218215321.GW10600@bombadil.infradead.org>
Date: Tue, 18 Dec 2018 13:53:21 -0800
From: Matthew Wilcox <willy@...radead.org>
To: "Eric W. Biederman" <ebiederm@...ssion.com>,
Gargi Sharma <gs051095@...il.com>,
Rik van Riel <riel@...hat.com>,
Oleg Nesterov <oleg@...hat.com>
Cc: linux-kernel@...r.kernel.org
Subject: [RFC] Fix failure path in alloc_pid()
The failure path removes the allocated PIDs from the wrong namespace.
I believe this is correct, but have not tested it. Spotted by inspection,
do we have a test suite for PID namespaces? Some error injection,
perhaps?
Fixes: 95846ecf9dac ("pid: replace pid bitmap implementation with IDR API")
diff --git a/kernel/pid.c b/kernel/pid.c
index b2f6c506035da..75264e0d1e71d 100644
--- a/kernel/pid.c
+++ b/kernel/pid.c
@@ -233,8 +233,11 @@ struct pid *alloc_pid(struct pid_namespace *ns)
out_free:
spin_lock_irq(&pidmap_lock);
- while (++i <= ns->level)
- idr_remove(&ns->idr, (pid->numbers + i)->nr);
+ upid = pid->numbers + i;
+ while (++i <= ns->level) {
+ upid++;
+ idr_remove(&upid->ns->idr, upid->nr);
+ }
/* On failure to allocate the first pid, reset the state */
if (ns->pid_allocated == PIDNS_ADDING)
Powered by blists - more mailing lists