> As first the fix from Alexander (the one that uses a gc_current with my
> further cleanup) seems SMP safe and works fine here. At least I have not
> been able to cause any problem to the kernel so far here.
>
> But playing some more with the unix domain socket code some minutes ago I
> discovered new critical issues.
>
> I discovered a way to leak memory and cause the machine to stall completely
> in kernel mode for minutes as normal user. Waiting a bit more it will eat
> all memory and the machine will crash badly. It's a plain security issue.

Yes, you can do it. I don't think that ENOMEM is the right return value
here - ECONNREFUSED is more reasonable, IMHO. But yes, we need to limit
the backlog to avoid DoS.

I'm not sure that it's what Michael had triggered - it looked rather like
dangling pointers, followed by stomping on random pieces of core.