lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250805124300.GB27131@redhat.com>
Date: Tue, 5 Aug 2025 14:43:01 +0200
From: Oleg Nesterov <oleg@...hat.com>
To: Christian Brauner <brauner@...nel.org>
Cc: 高翔 <gaoxiang17@...omi.com>,
	Al Viro <viro@...iv.linux.org.uk>,
	Xiang Gao <gxxa03070307@...il.com>,
	"mjguzik@...il.com" <mjguzik@...il.com>,
	"Liam.Howlett@...cle.com" <Liam.Howlett@...cle.com>,
	"joel.granados@...nel.org" <joel.granados@...nel.org>,
	"lorenzo.stoakes@...cle.com" <lorenzo.stoakes@...cle.com>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] pid: Add a judgment for ns null in pid_nr_ns

On 08/04, Oleg Nesterov wrote:
>
> But. I need to re-check, but I just realized that pid_alive() can't
> really help, tsk->thread_pid is not stable even if tsk == current.
>
> This means that, say, task_ppid_nr_ns() is buggy.

After the quick grep I don't see the problematic users, but if a zombie
task T does task_ppid_nr_ns(current, NULL) the kernel can crash:

	- pid_alive() succeeds, the task is not reaped yet
	
	- the parent/debugger does wait()->release_task(T), T->thread_pid
	  is NULL now

	- T calls task_tgid_nr_ns()-> ... pid_nr_ns(ns => NULL) because
	  task_active_pid_ns(T) returns NULL

Do you think this worth fixing?


In any case, I think that task_state(), sched_show_task(), bacct_add_tsk()
should be changed to use task_ppid_nr_ns(tsk).

Oleg.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ