Re: [PATCH] 2.4: Fix steal_locks race

From: Andreas Gruenbacher
Date: Fri Aug 08 2003 - 21:12:34 EST


On Sat, 9 Aug 2003, Herbert Xu wrote:

> On Fri, Aug 08, 2003 at 08:53:21PM +1000, herbert wrote:
> >
> > The steal_locks() call in binfmt_elf.c is buggy. It steals locks from
> > a files entry whose reference was dropped much earlier. This allows it
> > to steal other processes' locks.
> >
> > The following patch calls steal_locks() earlier so that this does not
> > happen.
>
> My patch is buggy too. If a file is closed by another clone between
> the two steal_locks calls the lock will again be lost. Fortunately
> this is much harder to trigger than the previous bug.

I think this is not a strict bug---this scenario is not covered by POSIX
in the first place. Unless lock stealing is done atomically with
unshare_files there is a window of opportunity between unshare_files() and
steal_locks(), so locks can still get lost.


Cheers,
Andreas.