sys_getppid() optimization can access freed memory.
On kernels with DEBUG_SLAB turned on, this results in
an Oops.
Signed-off-by: Kirill Korotaev <[email protected]>
--- ./kernel/timer.c.ppiddbg 2006-07-14 19:11:06.000000000 +0400
+++ ./kernel/timer.c 2006-08-08 14:19:24.000000000 +0400
@@ -1342,6 +1342,7 @@ asmlinkage long sys_getpid(void)
asmlinkage long sys_getppid(void)
{
int pid;
+#ifndef CONFIG_DEBUG_SLAB
struct task_struct *me = current;
struct task_struct *parent;
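Review bot: Wrapping the lockless fast path in `#ifndef CONFIG_DEBUG_SLAB` makes the function's safety depend on a debugging Kconfig option. The commit message states that the optimization "can access freed memory"; that access still happens on every non-DEBUG_SLAB kernel, the change only stops the debug build from faulting on it. If the unlocked read of `me->group_leader->real_parent` is actually safe without slab debugging (for example because task_struct memory is never handed back to the page allocator), that reasoning belongs in a comment here, since a reader of this hunk cannot tell why the production path is acceptable; if it is not safe, the locked path in the `#else` branch should be unconditional rather than debug-only.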
@@ -1364,6 +1365,16 @@ asmlinkage long sys_getppid(void)
#endif
break;
}
+#else
+ /*
+ * ->real_parent could be released before dereference and
+ * we accessed freed kernel memory, which faults with debugging on.
+ * Keep it simple and stupid.
+ */
+ read_lock(&tasklist_lock);
+ pid = current->group_leader->real_parent->tgid;
+ read_unlock(&tasklist_lock);
+#endif
return pid;
}
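Review bot: The `#else` branch is the straightforward correct form (`read_lock(&tasklist_lock)` around the `current->group_leader->real_parent->tgid` read), but splitting the whole function body across `#ifndef` / `#else` / `#endif` in two hunks leaves two parallel implementations with different locking semantics selected by a debug option, which is hard to review and easy to let drift. Consider either making this locked version the only implementation, or moving each variant into its own static helper so the conditional covers a single call rather than the entire body. The comment could also be tightened: "we accessed freed kernel memory, which faults with debugging on" describes the symptom; it should say what protects the parent pointer here (tasklist_lock held for read while `real_parent` is dereferenced) so the reason for the lock survives once the DEBUG_SLAB context is forgotten.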