LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
* Re: + redo-locking-of-tty-pgrp.patch added to -mm tree
       [not found] <200802230737.m1N7bfLB018553@imap1.linux-foundation.org>
@ 2008-02-23 17:17 ` Oleg Nesterov
  2008-02-29 17:41   ` Alan Cox
  0 siblings, 1 reply; 2+ messages in thread
From: Oleg Nesterov @ 2008-02-23 17:17 UTC (permalink / raw)
  To: akpm; +Cc: linux-kernel, alan, alan

On 02/22, Andrew Morton wrote:
> 
> Subject: redo locking of tty->pgrp
> From: Alan Cox <alan@lxorguk.ukuu.org.uk>
> 
> Historically tty->pgrp and friends were pid_t and the code "knew" they were
> safe.  The change to pid structs opened up a few races and the removal of the
> BKL in places made them quite hittable.  We put tty->pgrp under the ctrl_lock
> for the tty.

tiocgpgrp() still does pid_vnr(real_tty->pgrp) lockless, this is not safe, no?
(the same for do_task_stat).

It can race with tiocspgrp()->put_pid(real_tty->pgrp) which can actually free
that pid. If this memory is reused, pid_nr_ns() can (in theory) crash.

Oleg.


^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: + redo-locking-of-tty-pgrp.patch added to -mm tree
  2008-02-23 17:17 ` + redo-locking-of-tty-pgrp.patch added to -mm tree Oleg Nesterov
@ 2008-02-29 17:41   ` Alan Cox
  0 siblings, 0 replies; 2+ messages in thread
From: Alan Cox @ 2008-02-29 17:41 UTC (permalink / raw)
  To: Oleg Nesterov; +Cc: akpm, linux-kernel, alan, alan

On Sat, Feb 23, 2008 at 08:17:46PM +0300, Oleg Nesterov wrote:
> tiocgpgrp() still does pid_vnr(real_tty->pgrp) lockless, this is not safe, no?
> (the same for do_task_stat).

Fixed both in my tree

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2008-02-29 17:42 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <200802230737.m1N7bfLB018553@imap1.linux-foundation.org>
2008-02-23 17:17 ` + redo-locking-of-tty-pgrp.patch added to -mm tree Oleg Nesterov
2008-02-29 17:41   ` Alan Cox

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).