[RFC PATCH 2/2] security/brute.c: Protect the stats pointer
valdis.kletnieks at vt.edu
Tue Dec 8 09:42:59 EST 2020
On Tue, 08 Dec 2020 11:35:57 +0100, John Wood said:
> I think the stats pointer present in the task_struct's security blob
> needs to be protected against concurrency for the following reasons.
> 1.- The same process forking at the same time in two different CPUs.
> 2.- The same process execve() at the same time in two different CPUs.
OK, I'll bite. How would these two cases even happen?
(Note that you could conceivably issue the fork()/exeve() on one CPU, run
kernel code for a bit and then get rescheduled onto a different CPU to complete
the syscall, but that's a different cache coherency can-o-worms :)
(Your case 3 of a fork/exec while you traverse is an actual issue. Note that
you missed one case - where the process evaporates for some reason while you do
the traverse and you're left with a stale pointer...)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 832 bytes
Desc: not available
More information about the Kernelnewbies