lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 26 Oct 2022 10:20:37 +0200
From:   Petr Mladek <pmladek@...e.com>
To:     John Ogness <john.ogness@...utronix.de>
Cc:     Sergey Senozhatsky <senozhatsky@...omium.org>,
        Steven Rostedt <rostedt@...dmis.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH printk v2 31/38] printk: register_console: use srcu
 console list iterator

On Wed 2022-10-19 17:01:53, John Ogness wrote:
> Use srcu console list iteration for console list traversal. Now
> the traversal at the beginning of register_console() is safe.
> 
> Signed-off-by: John Ogness <john.ogness@...utronix.de>

Reviewed-by: Petr Mladek <pmladek@...e.com>

That said, I think that we could omit this patch. It does not harm.
It prevents a crash when iterating the list but it is only small part
of the races here.

For example, it sets "realcon_enabled" but the list might change before the
value is used. Also the later hlist_empty(&console_list) and
!console_first->device checks are not secure against each other.

The real solution is the introduction of console_list_lock in 33th
patch. That patch removes the rcu read lock. From this POV, this patch
is just unnecessary churn.

Best Regards,
Petr

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ