From: ebiederm@xmission.com (Eric W. Biederman)
To: tim.gardner@canonical.com
Cc: Herton Ronaldo Krzesinski <herton.krzesinski@canonical.com>,
	lamont@canonical.com, sconklin@canonical.com,
	netdev@vger.kernel.org
Subject: Re: Reported regression against commit a05d2ad
Date: Wed, 22 Jun 2011 11:00:56 -0700
Message-ID: <m1y60tlp9j.fsf@fess.ebiederm.org>
In-Reply-To: <4E02273E.2080000@canonical.com> (Tim Gardner's message of "Wed, 22 Jun 2011 11:32:46 -0600")

Tim Gardner <tim.gardner@canonical.com> writes:

> On 06/21/2011 02:49 PM, Eric W. Biederman wrote:
> <snip>
>> I respectfully suggest that the bug is elsewhere perhaps a broken user
>> space application out there that needs to be fixed, or you have a kernel
>> memory stomp that removing patch a05d2ad happens to shift the memory
>> layout to be harmful in a different way.
>>
>
> OK, I'm remembering how PF_UNIX Unix domain sockets are used, so I think your
> theory about a misbehaving user space application is more likely. However, I am
> a bit confused about how an application can attempt to receive before the socket
> is fully opened. Some kind of race condition with socketpair() ?

The case that is relevant is a listening SOCK_SEQPACKET socket.

The case that is affected is when you call receive on a listening
socket.

It isn't that the socket isn't fully opened.  It is that accept is the
only legitimate operation at that point.

It took a mistake while someone was developing an application for this
kernel bug to be found.

Eric
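
The case described in the message above, as an added example that is not code from this thread or from the kernel tree: a listening AF_UNIX SOCK_SEQPACKET socket on which recv() is called before accept(), followed by the legitimate accept-then-recv sequence. The socket name and the function names are constructed for the demo; on a current Linux kernel the recv() on the listener fails with ENOTCONN.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>

/* Abstract-namespace address (Linux-only); constructed name, unique per process. */
static socklen_t demo_addr(struct sockaddr_un *a)
{
    memset(a, 0, sizeof(*a));
    a->sun_family = AF_UNIX;
    int n = snprintf(a->sun_path + 1, sizeof(a->sun_path) - 1,
                     "seqpacket-demo-%ld", (long)getpid());
    return (socklen_t)(offsetof(struct sockaddr_un, sun_path) + 1 + n);
}

/* Returns the errno of recv() on the listening socket (0 if it succeeded,
 * -1 on setup failure); *got receives the byte count read after accept(). */
int recv_on_listener(ssize_t *got)
{
    struct sockaddr_un a;
    socklen_t len = demo_addr(&a);
    char buf[16];
    int err = -1;
    int lfd = socket(AF_UNIX, SOCK_SEQPACKET, 0);
    int cfd = socket(AF_UNIX, SOCK_SEQPACKET, 0);
    *got = -1;
    if (lfd < 0 || cfd < 0) goto out;
    if (bind(lfd, (struct sockaddr *)&a, len) < 0 || listen(lfd, 1) < 0) goto out;
    /* The application mistake: recv() on the listener itself. */
    err = recv(lfd, buf, sizeof(buf), MSG_DONTWAIT) < 0 ? errno : 0;
    /* The legitimate sequence: accept(), then recv() on the accepted socket. */
    if (connect(cfd, (struct sockaddr *)&a, len) == 0 && send(cfd, "ping", 4, 0) == 4) {
        int afd = accept(lfd, NULL, NULL);
        if (afd >= 0) { *got = recv(afd, buf, sizeof(buf), 0); close(afd); }
    }
out:
    if (lfd >= 0) close(lfd);
    if (cfd >= 0) close(cfd);
    return err;
}
int main(void)
{
    ssize_t got;
    int err = recv_on_listener(&got);
    printf("recv on listener: %s; after accept: %zd bytes\n",
           err > 0 ? strerror(err) : "no error", got);
    return 0;
}
```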
