lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Fri,  6 Mar 2020 11:23:14 -0600
From:   minyard@....org
To:     linux-kernel@...r.kernel.org
Cc:     Corey Minyard <cminyard@...sta.com>, stable@...r.kernel.org,
        Adrian Reber <areber@...hat.com>,
        Christian Brauner <christian.brauner@...ntu.com>,
        Oleg Nesterov <oleg@...hat.com>,
        Dmitry Safonov <0x7f454c46@...il.com>,
        Andrei Vagin <avagin@...il.com>
Subject: [PATCH v2] pid: Fix error return value in some cases

From: Corey Minyard <cminyard@...sta.com>

Recent changes to alloc_pid() allow the pid number to be specified on
the command line.  If set_tid_size is set, then the code scanning the
levels will hard-set retval to -EPERM, overriding it's previous -ENOMEM
value.

After the code scanning the levels, there are error returns that do not
set retval, assuming it is still set to -ENOMEM.

So set retval back to -ENOMEM after scanning the levels.

Fixes: 49cb2fc42ce4 "fork: extend clone3() to support setting a PID"
Signed-off-by: Corey Minyard <cminyard@...sta.com>
Cc: <stable@...r.kernel.org> # 5.5
Cc: Adrian Reber <areber@...hat.com>
Cc: Christian Brauner <christian.brauner@...ntu.com>
Cc: Oleg Nesterov <oleg@...hat.com>
Cc: Dmitry Safonov <0x7f454c46@...il.com>
Cc: Andrei Vagin <avagin@...il.com>
---

Changes from v1:
  Just set retval to -ENOMEM before the gotos that would use it.

I do think that the second instance:

        if (!(ns->pid_allocated & PIDNS_ADDING))
                goto out_unlock;

is returning the wrong error value, but that's probably not a big
deal, and if it was fixed would probably need to be a separate change.

In the first instance, the error return values are almost all -ENOMEM,
anyway.

 kernel/pid.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/kernel/pid.c b/kernel/pid.c
index 0f4ecb57214c..19645b25b77c 100644
--- a/kernel/pid.c
+++ b/kernel/pid.c
@@ -247,6 +247,8 @@ struct pid *alloc_pid(struct pid_namespace *ns, pid_t *set_tid,
 		tmp = tmp->parent;
 	}
 
+	retval = -ENOMEM;
+
 	if (unlikely(is_child_reaper(pid))) {
 		if (pid_ns_prepare_proc(ns))
 			goto out_free;
-- 
2.17.1

Powered by blists - more mailing lists