lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 21 Oct 2021 17:48:18 -0700 From: Alexei Starovoitov <alexei.starovoitov@...il.com> To: Toke Høiland-Jørgensen <toke@...hat.com> Cc: Alexei Starovoitov <ast@...nel.org>, Daniel Borkmann <daniel@...earbox.net>, Network Development <netdev@...r.kernel.org>, bpf <bpf@...r.kernel.org>, Lorenzo Bianconi <lorenzo.bianconi@...hat.com> Subject: Re: [PATCH bpf] bpf: fix potential race in tail call compatibility check On Thu, Oct 21, 2021 at 11:40 AM Toke Høiland-Jørgensen <toke@...hat.com> wrote: > + map_type = READ_ONCE(array->aux->type); > + if (!map_type) { > + /* There's no owner yet where we could check for compatibility. > + * Do an atomic swap to prevent racing with another invocation > + * of this branch (via simultaneous map_update syscalls). > */ > - array->aux->type = fp->type; > - array->aux->jited = fp->jited; > + if (cmpxchg(&array->aux->type, 0, prog_type)) > + return false; Other fields might be used in the compatibility check in the future. This hack is too fragile. Just use a spin_lock.
Powered by blists - more mailing lists