| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 22 Feb 2016 20:47:19 +0100
From: Guillaume Nault <g.nault@...halink.fr>
To: netdev@...r.kernel.org
Cc: Paul Mackerras <paulus@...ba.org>,
David Miller <davem@...emloft.net>
Subject: [PATCH net 4/5] ppp: protect access to ppp->last_{xmit,recv} in
ppp_ioctl()
ppp->last_xmit is witten to by ppp_send_frame() while protected by
ppp_xmit_lock().
Likewise, ppp->last_recv is written to by ppp_receive_nonmp_frame()
while protected by ppp_recv_lock().
Holding both locks is therefore necessary before ppp_ioctl() can safely
read these fields.
Signed-off-by: Guillaume Nault <g.nault@...halink.fr>
---
drivers/net/ppp/ppp_generic.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/net/ppp/ppp_generic.c b/drivers/net/ppp/ppp_generic.c
index 183d89c..24777f4 100644
--- a/drivers/net/ppp/ppp_generic.c
+++ b/drivers/net/ppp/ppp_generic.c
@@ -726,8 +726,11 @@ static long ppp_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
break;
case PPPIOCGIDLE:
+ ppp_lock(ppp);
idle.xmit_idle = (jiffies - ppp->last_xmit) / HZ;
idle.recv_idle = (jiffies - ppp->last_recv) / HZ;
+ ppp_unlock(ppp);
+
if (copy_to_user(argp, &idle, sizeof(idle)))
break;
err = 0;
--
2.7.0
Powered by blists - more mailing lists