LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
From: Oleg Nesterov <oleg@tv-sign.ru>
To: akpm@linux-foundation.org
Cc: linux-kernel@vger.kernel.org, alan@lxorguk.ukuu.org.uk, alan@redhat.com
Subject: Re: + redo-locking-of-tty-pgrp.patch added to -mm tree
Date: Sat, 23 Feb 2008 20:17:46 +0300	[thread overview]
Message-ID: <20080223171746.GB7686@tv-sign.ru> (raw)
In-Reply-To: <200802230737.m1N7bfLB018553@imap1.linux-foundation.org>

On 02/22, Andrew Morton wrote:
> 
> Subject: redo locking of tty->pgrp
> From: Alan Cox <alan@lxorguk.ukuu.org.uk>
> 
> Historically tty->pgrp and friends were pid_t and the code "knew" they were
> safe.  The change to pid structs opened up a few races and the removal of the
> BKL in places made them quite hittable.  We put tty->pgrp under the ctrl_lock
> for the tty.

tiocgpgrp() still does pid_vnr(real_tty->pgrp) lockless, this is not safe, no?
(the same for do_task_stat).

It can race with tiocspgrp()->put_pid(real_tty->pgrp) which can actually free
that pid. If this memory is reused, pid_nr_ns() can (in theory) crash.

Oleg.


       reply	other threads:[~2008-02-23 17:13 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <200802230737.m1N7bfLB018553@imap1.linux-foundation.org>
2008-02-23 17:17 ` Oleg Nesterov [this message]
2008-02-29 17:41   ` Alan Cox

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20080223171746.GB7686@tv-sign.ru \
    --to=oleg@tv-sign.ru \
    --cc=akpm@linux-foundation.org \
    --cc=alan@lxorguk.ukuu.org.uk \
    --cc=alan@redhat.com \
    --cc=linux-kernel@vger.kernel.org \
    --subject='Re: + redo-locking-of-tty-pgrp.patch added to -mm tree' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).