| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2c70eff8-c79a-4c99-b8db-491ce25745a0@redhat.com> Date: Sat, 22 Jun 2024 16:12:57 -0400 From: Waiman Long <longman@...hat.com> To: Markus Elfring <Markus.Elfring@....de>, Chen Ridong <chenridong@...wei.com>, cgroups@...r.kernel.org, bpf@...r.kernel.org, Johannes Weiner <hannes@...xchg.org>, Tejun Heo <tj@...nel.org>, Zefan Li <lizefan.x@...edance.com> Cc: LKML <linux-kernel@...r.kernel.org> Subject: Re: [PATCH] cgroup/cpuset: Prevent UAF in proc_cpuset_show() On 6/22/24 16:04, Markus Elfring wrote: > … >> +++ b/kernel/cgroup/cpuset.c > … >> @@ -5051,10 +5066,12 @@ int proc_cpuset_show(struct seq_file *m, struct pid_namespace *ns, >> if (!buf) >> goto out; >> >> + mutex_lock(&cpuset_mutex); >> css = task_get_css(tsk, cpuset_cgrp_id); >> retval = cgroup_path_ns(css->cgroup, buf, PATH_MAX, >> current->nsproxy->cgroup_ns); >> css_put(css); >> + mutex_unlock(&cpuset_mutex); > … > > Under which circumstances would you become interested to apply a statement > like “guard(mutex)(&cpuset_mutex);”? > https://elixir.bootlin.com/linux/v6.10-rc4/source/include/linux/mutex.h#L196 A mutex guard will be more appropriate if there is an error exit case that needs to be handled. Otherwise, it is more straight forward and easier to understand with the simple lock/unlock. Cheers, Longman
Powered by blists - more mailing lists