lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <378a7d41-5588-44af-ae78-6bfd43e9709a@gmail.com>
Date: Tue, 29 Jul 2025 16:53:34 -0700
From: JP Kobryn <inwardvessel@...il.com>
To: Michal Koutný <mkoutny@...e.com>
Cc: tj@...nel.org, shakeel.butt@...ux.dev, yosryahmed@...gle.com,
 hannes@...xchg.org, akpm@...ux-foundation.org, linux-kernel@...r.kernel.org,
 cgroups@...r.kernel.org, kernel-team@...a.com
Subject: Re: [PATCH 0/5 cgroup/for-6.16-fixes] harden css_create() for safe
 placement of call to css_rstat_init()

On 7/29/25 2:42 AM, Michal Koutný wrote:
> On Mon, Jul 28, 2025 at 11:04:56AM -0700, JP Kobryn <inwardvessel@...il.com> wrote:
>> I did consider adding an "initialized" flag to the css but since there can
>> be multiple css's per
>> cgroup it felt like it would be adding overhead. So I went the path of
>> getting the call
>> sequence right. I'm open to feedback on this, though.
> 
> An implicit flag that builds upon the assumption that css_rstat_init()
> must only succeed after it allocates ->rstat_cpu (didn't check gotchas
> of this approach with !CONFIG_SMP)

I think this can work. This can probably be the early fix and then the
refactoring can follow.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ