On 03/15, Oleg Nesterov wrote: > > To remind, say, argv_split(poweroff_cmd) can race with sysctl changing this > string, in this case it can write to the memory after argv[] array. We can > fix this, or we can rewrite argv_split/free:
OK, please see 1/2. And this reminds me about set_task_comm() which pretends it does something meaningful for the reader of the mutable ->comm, see the offtopic 2/2. > But, whatever we do with argv_split(), it can hit the string "in between". > Personally I think we do not really care, but... > > Perhaps we should add proc_dostring_lock() which takes some lock and > modify the callers of argv_split() (or add argv_split_lock) ? > > Or perhaps we should introduce the rwsem which should protect every > sysctl-string and proc_dostring() should take this lock? Please tell me if you think we should do something with that. Oleg. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/