public inbox for linux-kernel@vger.kernel.org
From: Paul Jackson <pj@sgi.com>
To: Daniel Walker <dwalker@mvista.com>
Cc: mingo@elte.hu, linux-kernel@vger.kernel.org, drepper@redhat.com,
	tglx@linutronix.de, arjan@infradead.org, akpm@osdl.org
Subject: Re: [patch 0/6] lightweight robust futexes: -V3
Date: Thu, 16 Feb 2006 12:47:58 -0800
Message-ID: <20060216124758.d51befd5.pj@sgi.com>
In-Reply-To: <1140111257.21681.26.camel@localhost.localdomain>

Daniel wrote:
> "on the surface" you could manipulate the futex_offset to
> access memory unrelated to the futex structure.

If a piece of malicious code has wormed its way far enough into my
application to be manipulating this list, then I don't think that code
will gain any further advantage by manipulating this list.  I think my
application is already pwned.

That malicious code would have no need to have the kernel futex handling
code do its dirty work indirectly via manipulations of this list.  It can
just do the dirty work directly.

All Ingo needs to ensure is that the kernel will assume no more
privilege when reading/writing this list than the current task had,
from user space, reading/writing this list.

-- 
                  I won't rest till it's the best ...
                  Programmer, Linux Scalability
                  Paul Jackson <pj@sgi.com> 1.925.600.0401
