| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20191121084842.095edf87@suzdal.zaitcev.lan>
Date: Thu, 21 Nov 2019 08:48:42 -0600
From: Pete Zaitcev <zaitcev@...hat.com>
To: Alan Stern <stern@...land.harvard.edu>
Cc: syzbot <syzbot+56f9673bb4cdcbeb0e92@...kaller.appspotmail.com>,
<arnd@...db.de>, <gregkh@...uxfoundation.org>,
<jrdr.linux@...il.com>, <keescook@...omium.org>,
<kstewart@...uxfoundation.org>,
Kernel development list <linux-kernel@...r.kernel.org>,
USB list <linux-usb@...r.kernel.org>,
<syzkaller-bugs@...glegroups.com>, <tglx@...utronix.de>,
<viro@...iv.linux.org.uk>, zaitcev@...hat.com
Subject: Re: possible deadlock in mon_bin_vma_fault
On Wed, 20 Nov 2019 13:47:00 -0500 (EST)
Alan Stern <stern@...land.harvard.edu> wrote:
> > + if (rp->mmap_active)
> > + return -EBUSY;
> Like that, yes, but the test has to be made while fetch_lock is held.
Certainly, thanks. I was rushing just to add a postscriptum.
> Incidentally, the comment for fetch_lock says that it protects b_read
> and b_out, but mon_bin_vma_fault doesn't use either of those fields.
I probably should change that comment to "protect the integrity of the
circular buffer, such as b_out".
Anyway... If you are looking at it too, what do you think about not using
any locks in mon_bin_vma_fault() at all? Isn't it valid? I think I tried
to be "safe", but it only uses things that are constants unless we're
opening and closing; a process cannot make page faults unless it has
some thing mapped; and that is only possible if device is open and stays
open. Can you find a hole in this reasoning?
-- Pete
Powered by blists - more mailing lists