Re: PID reuse safety for userspace apps (Re: [linux-usb-devel] Re: [Security] [vendor-sec] [BUG/PATCH/RFC] Oops while completing async USB via usbdevio)

From: Alan Cox
Date: Tue Sep 27 2005 - 15:09:14 EST


On Maw, 2005-09-27 at 21:20 +0400, Solar Designer wrote:
> The idea is to introduce a kernel call (it can be a prctl(2) setting,
> although my pseudo-code "defines" an entire syscall for simplicity)
> which would "lock" the invoking process' view of a given PID (while
> letting the PID get reused - so there's no added risk of DoS). The
> original posting and subsequent thread can be seen here:


You can solve it just as well in kernel space without application
changes. Given a refcounted structure something like

struct pidref {
	atomic_t ref;
	struct pidref *next, *prev;
	pid_t pid;
};

and a hash you can take a pid reference whenever you hang onto a pid in
kernel space and check what should be a tiny if not empty hash in the
normal cases whenever you allocate a pid.

Alan
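
Added example, not part of the original message and not kernel code: a single-threaded userspace C model of the scheme described above, where holding a reference pins a pid in a small hash and the allocator skips pinned pids. The names pidref_get, pidref_put and model_alloc_pid, the bucket count and the 8-entry pid space are assumptions made for illustration; tracking of live processes is left out.

```c
#include <stdlib.h>
#include <sys/types.h>

#define PIDREF_BUCKETS 16 /* assumed size; the hash should stay near-empty */
#define MODEL_PID_MAX  8  /* tiny pid space so wraparound is easy to exercise */

struct pidref {
	int ref;                    /* atomic_t in the kernel; plain int in this model */
	struct pidref *next, *prev; /* hash chain links */
	pid_t pid;
};

static struct pidref *pidref_hash[PIDREF_BUCKETS];
static pid_t last_pid;

static struct pidref *pidref_find(pid_t pid)
{
	struct pidref *r = pidref_hash[pid % PIDREF_BUCKETS];
	while (r && r->pid != pid) r = r->next;
	return r;
}

/* Pin a pid: while any reference is held the allocator will not hand it out. */
struct pidref *pidref_get(pid_t pid)
{
	struct pidref *r = pidref_find(pid), **head = &pidref_hash[pid % PIDREF_BUCKETS];
	if (r) { r->ref++; return r; }
	if (!(r = calloc(1, sizeof(*r)))) return NULL;
	r->ref = 1; r->pid = pid;
	r->next = *head;
	if (*head) (*head)->prev = r;
	*head = r;
	return r;
}

/* Drop a reference; the last put unhashes the entry so the pid is reusable. */
void pidref_put(struct pidref *r)
{
	if (--r->ref > 0) return;
	if (r->prev) r->prev->next = r->next;
	else pidref_hash[r->pid % PIDREF_BUCKETS] = r->next;
	if (r->next) r->next->prev = r->prev;
	free(r);
}

/* Allocate the next pid, skipping pinned ones; -1 if every pid is pinned. */
pid_t model_alloc_pid(void)
{
	for (int i = 0; i < MODEL_PID_MAX; i++) {
		last_pid = last_pid % MODEL_PID_MAX + 1;
		if (!pidref_find(last_pid)) return last_pid;
	}
	return -1;
}
```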
