Re: [PATCH 0/2] finx argv_split() vs sysctl race

[Oleg Nesterov]

On 03/16, Andi Kleen wrote:
>
> On Sat, Mar 16, 2013 at 09:23:27PM +0100, Oleg Nesterov wrote:
> > On 03/15, Oleg Nesterov wrote:
> > >
> > > To remind, say, argv_split(poweroff_cmd) can race with sysctl changing this
> > > string, in this case it can write to the memory after argv[] array. We can
> > > fix this, or we can rewrite argv_split/free:
> >
> > OK, please see 1/2.
> >
> > And this reminds me about set_task_comm() which pretends it does something
> > meaningful for the reader of the mutable ->comm, see the offtopic 2/2.
>
> I had "rcu strings" to handle the sysctl string race problem in a
> generic way some time ago.
>
> http://lwn.net/Articles/368684/
>
> Unfortunately never made it in. Perhaps it should be revisited.

Perhaps rcu can be better, although a global rwsem looks simpler,
I dunno.

But argv_split() or its usage should be changed anyway, and GFP_KERNEL
won't work under rcu_read_lock().

To me 1/2 looks as a simplification anyway, but I won't argue if we
decide to add rcu/locking and avoid this patch.

Oleg.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/