Re: PID reuse safety for userspace apps (Re: [linux-usb-devel] Re: [Security] [vendor-sec] [BUG/PATCH/RFC] Oops while completing async USB via usbdevio)

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Alan Cox <alan@lxorguk.ukuu.org.uk>
To: Solar Designer <solar@openwall.com>
Cc: Sergey Vlasov <vsu@altlinux.ru>,
	Linus Torvalds <torvalds@osdl.org>,
	vendor-sec@lst.de, linux-kernel@vger.kernel.org,
	security@linux.kernel.org
Subject: Re: PID reuse safety for userspace apps (Re: [linux-usb-devel] Re: [Security] [vendor-sec] [BUG/PATCH/RFC] Oops while completing async USB via usbdevio)
Date: Tue, 27 Sep 2005 21:34:11 +0100	[thread overview]
Message-ID: <1127853252.10674.9.camel@localhost.localdomain> (raw)
In-Reply-To: <20050927172048.GA3423@openwall.com>

On Maw, 2005-09-27 at 21:20 +0400, Solar Designer wrote:
> The idea is to introduce a kernel call (it can be a prctl(2) setting,
> although my pseudo-code "defines" an entire syscall for simplicity)
> which would "lock" the invoking process' view of a given PID (while
> letting the PID get reused - so there's no added risk of DoS).  The
> original posting and subsequent thread can be seen here:


You can solve it just as well in kernel space without application
changes. Given a refcounted structure something like

	struct pidref {
		atomic_t ref;
		struct pidref *next, *prev;
		pid_t pid;
	};

and a hash you can take a pid reference whenever you hang onto a pid in
kernel space and check what should be a tiny if not empty hash in the
normal cases whenever you allocate a pid.

Alan

next prev parent reply	other threads:[~2005-09-27 20:08 UTC|newest]

Thread overview: 48+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-09-25 15:13 [BUG/PATCH/RFC] Oops while completing async USB via usbdevio Harald Welte
2005-09-27  8:04 ` [vendor-sec] " Greg KH
2005-09-27  9:13   ` Greg KH
     [not found]     ` <20050927110319.GD1980@piware.de>
2005-09-27 12:22       ` [vendor-sec] " Greg KH
2005-09-27 12:48   ` [vendor-sec] " Christoph Hellwig
2005-09-27 12:57     ` Greg KH
2005-09-27 12:59       ` Christoph Hellwig
2005-09-27 13:09         ` Greg KH
2005-09-27 15:27           ` David Brownell
2005-09-27 14:53 ` [Security] " Linus Torvalds
2005-09-27 16:00   ` [linux-usb-devel] " Sergey Vlasov
2005-09-27 16:09     ` Linus Torvalds
2005-09-27 16:52       ` Sergey Vlasov
2005-09-27 17:02         ` Linus Torvalds
2005-09-30 10:47           ` Harald Welte
2005-09-30 14:56             ` Linus Torvalds
2005-09-30 18:44               ` Chris Wright
2005-09-30 19:27                 ` Linus Torvalds
2005-09-30 20:38                   ` Chris Wright
2005-09-30 22:08                   ` Harald Welte
2005-09-30 22:16                     ` Linus Torvalds
2005-10-10 17:44                       ` Harald Welte
2005-10-10 18:07                         ` Chris Wright
2005-10-11  9:45                           ` Harald Welte
2005-10-11 23:10                             ` [vendor-sec] " Greg KH
2005-10-11 23:44                               ` Linus Torvalds
2005-10-12  7:24                                 ` Harald Welte
2005-10-13  5:51                             ` Horms
2005-10-11 13:57                           ` Bernd Petrovitsch
2005-10-10 18:19                         ` Linus Torvalds
2005-10-10 22:47                           ` Chris Wright
2005-10-10 20:03                         ` [linux-usb-devel] " Alan Stern
2005-10-11  8:28                           ` Harald Welte
2005-10-11 17:37                           ` Paul Jackson
2005-10-11 17:58                             ` linux-os (Dick Johnson)
2005-10-11 19:13                               ` Alan Stern
2005-10-11 20:02                                 ` [Security] " Alan Cox
2005-09-27 17:20         ` PID reuse safety for userspace apps (Re: [linux-usb-devel] Re: [Security] [vendor-sec] [BUG/PATCH/RFC] Oops while completing async USB via usbdevio) Solar Designer
2005-09-27 20:34           ` Alan Cox [this message]
2005-09-27 20:42             ` Linus Torvalds
2005-09-27 21:16               ` Solar Designer
2005-09-27 21:03             ` Solar Designer
2005-09-27 16:58       ` [linux-usb-devel] Re: [Security] [vendor-sec] [BUG/PATCH/RFC] Oops while completing async USB via usbdevio Alan Cox
2005-09-27 16:59         ` Linus Torvalds
2005-09-27 20:35           ` Alan Cox
2005-10-13 23:00         ` Pete Zaitcev
2005-10-13 23:16           ` Linus Torvalds
2005-10-13 23:56             ` Pete Zaitcev

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1127853252.10674.9.camel@localhost.localdomain \
    --to=alan@lxorguk.ukuu.org.uk \
    --cc=linux-kernel@vger.kernel.org \
    --cc=security@linux.kernel.org \
    --cc=solar@openwall.com \
    --cc=torvalds@osdl.org \
    --cc=vendor-sec@lst.de \
    --cc=vsu@altlinux.ru \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.