Re: [PATCH 1/3] fork: assign refed credentials earlier

2015-03-21 Thread Mateusz Guzik
On Sat, Mar 21, 2015 at 09:29:04PM +0200, Konstantin Belousov wrote: > On Sat, Mar 21, 2015 at 07:19:31PM +0100, Mateusz Guzik wrote: > > On Sat, Mar 21, 2015 at 04:18:32PM +0200, Konstantin Belousov wrote: > > > On Sat, Mar 21, 2015 at 02:57:22AM +0100, Mateusz Guzik wrote: > > > > On Sat, Mar 21,

Re: [PATCH 1/3] fork: assign refed credentials earlier

2015-03-21 Thread Konstantin Belousov
On Sat, Mar 21, 2015 at 07:19:31PM +0100, Mateusz Guzik wrote: > On Sat, Mar 21, 2015 at 04:18:32PM +0200, Konstantin Belousov wrote: > > On Sat, Mar 21, 2015 at 02:57:22AM +0100, Mateusz Guzik wrote: > > > On Sat, Mar 21, 2015 at 03:51:51AM +0200, Konstantin Belousov wrote: > > > > On Sat, Mar 21,

Re: [PATCH 1/3] fork: assign refed credentials earlier

2015-03-21 Thread Mateusz Guzik
On Sat, Mar 21, 2015 at 04:18:32PM +0200, Konstantin Belousov wrote: > On Sat, Mar 21, 2015 at 02:57:22AM +0100, Mateusz Guzik wrote: > > On Sat, Mar 21, 2015 at 03:51:51AM +0200, Konstantin Belousov wrote: > > > On Sat, Mar 21, 2015 at 02:00:38AM +0100, Mateusz Guzik wrote: > > > > From: Mateusz G

Re: [PATCH 1/3] fork: assign refed credentials earlier

2015-03-21 Thread Konstantin Belousov
On Sat, Mar 21, 2015 at 02:57:22AM +0100, Mateusz Guzik wrote: > On Sat, Mar 21, 2015 at 03:51:51AM +0200, Konstantin Belousov wrote: > > On Sat, Mar 21, 2015 at 02:00:38AM +0100, Mateusz Guzik wrote: > > > From: Mateusz Guzik > > > > > > Prior to this change the kernel would take p1's credential

Re: [PATCH 1/3] fork: assign refed credentials earlier

2015-03-20 Thread Mateusz Guzik
On Sat, Mar 21, 2015 at 03:51:51AM +0200, Konstantin Belousov wrote: > On Sat, Mar 21, 2015 at 02:00:38AM +0100, Mateusz Guzik wrote: > > From: Mateusz Guzik > > > > Prior to this change the kernel would take p1's credentials and assign > > them tempororarily to p2. But p1 could change credential

Re: [PATCH 1/3] fork: assign refed credentials earlier

2015-03-20 Thread Konstantin Belousov
On Sat, Mar 21, 2015 at 02:00:38AM +0100, Mateusz Guzik wrote: > From: Mateusz Guzik > > Prior to this change the kernel would take p1's credentials and assign > them tempororarily to p2. But p1 could change credentials at that time > and in effect give us a use-after-free. In which way could it

[PATCH 1/3] fork: assign refed credentials earlier

2015-03-20 Thread Mateusz Guzik
From: Mateusz Guzik Prior to this change the kernel would take p1's credentials and assign them tempororarily to p2. But p1 could change credentials at that time and in effect give us a use-after-free. --- sys/kern/kern_fork.c | 15 +++ 1 file changed, 7 insertions(+), 8 deletions(-)