>alan, though, this is an exploitable way, on SMP, for looking at bits of
>kernel memory, so maybe it's better to keep both copy operations.
If you make sure the page won't be reused before reading the contents
you'll fix the security problem too without the copy. I believe this is
the best approch and actually it's exactly what I did in my last patch.
>dereferences. however, it's not clear how we can guarantee that the
>calculations it does will be correct unless some locking is done on those
The calculations looks correct. It's not assured they are consistent with
each other. But this looks like a minor problem to me. You may see the
signal setting at time X and the virtual-memory size at time X+1 in the
same `ps` but that shouldn't be a major problem and we can live with it.
But you can't see weird things like signal pending at time X and signal
blocked at time X+1 in the same `ps` and that's are the things I care
about.
Note that copying the task struct won't save you from this coherency
problem too as you should held all locks before doing the copy to avoid
that. Also in get_status() you was reading the mm state after dropping all
locks and while getting only the MM semaphore. So also the old 2.3.10ac10
code was not consistent exactly as my code isn't. That's not an issue
IMHO.
Andrea
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/