NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: kern/44369 (raw_usrreq() may fail to release kernel lock)



On Wed Jan 12 2011 at 19:27:56 +0100, Manuel Bouyer wrote:
> On Tue, Jan 11, 2011 at 10:53:14AM +0000, pooka%NetBSD.org@localhost wrote:
> > Synopsis: raw_usrreq() may fail to release kernel lock
> > 
> > State-Changed-From-To: open->closed
> > State-Changed-By: pooka%NetBSD.org@localhost
> > State-Changed-When: Tue, 11 Jan 2011 12:53:13 +0200
> > State-Changed-Why:
> > patch applied.  thanks!
> 
> Hi,
> did you check if netbsd-4 or netbsd-5 is affected ?
> if so, please send pullup requests.

I checked netbsd-5 now and issued a pullup.  I didn't bother with
netbsd-4, since yesterday when we analyzed the problem with kefren we
couldn't find any critical issues: the kernel lock is fully dropped
always when a lock holder blocks, so biglock leak has effect only when
when a thread which made a PRU_SENSE call is running.  Additionally,
the lock level is reset to 0 when an lwp exists (at least currently).
So while in theory an attacker could use PRU_SENSE from multiple lwps
and busyloop all of them, there must be easier ways to DoS a system.

-- 
älä karot toivorikkauttas, kyl rätei ja lumpui piisaa


Home | Main Index | Thread Index | Old Index