lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 26 Aug 2020 10:34:48 +0800
From:   Muchun Song <>
To:     Andi Kleen <>
Cc:, Andrew Morton <>,,,,
        Linux Memory Management List <>,
        LKML <>
Subject: Re: [Phishing Risk] [External] Re: [PATCH] mm/hugetlb: Fix a race
 between hugetlb sysctl handlers

HI Andi,

On Tue, Aug 25, 2020 at 11:34 PM Andi Kleen <> wrote:
> > Fixes: e5ff215941d5 ("hugetlb: multiple hstates for multiple page sizes")
> I don't think the Fixes line is correct. The original patch
> just used a global variable and didn't have this race.
> It must have been added later in some other patch that added
> hugetlb_sysctl_handler_common.

I don't agree with you. The 'e5ff215941d5' is not used a global
variable. Below is the code snippet of this patch. Thanks.

@@ -1037,8 +1109,19 @@ int hugetlb_sysctl_handler(struct ctl_table
*table, int write,
                           struct file *file, void __user *buffer,
                           size_t *length, loff_t *ppos)
+       struct hstate *h = &default_hstate;
+       unsigned long tmp;

Here is a local variable of tmp.

+       if (!write)
+               tmp = h->max_huge_pages;
+       table->data = &tmp;
+       table->maxlen = sizeof(unsigned long);
        proc_doulongvec_minmax(table, write, file, buffer, length, ppos);
-       max_huge_pages = set_max_huge_pages(max_huge_pages);
+       if (write)
+               h->max_huge_pages = set_max_huge_pages(h, tmp);
        return 0;

> -Andi


Powered by blists - more mailing lists