Re: [patch] af_unix fix for a panic a DoS and a memory leak [Re:

kuznet@ms2.inr.ac.ru
Tue, 2 Mar 1999 19:49:23 +0300 (MSK)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: kuznet@ms2.inr.ac.ru: "Re: [patch] af_unix fix for a panic a DoS and a memory leak [Re:"
Previous message: Tuomas Heino: "Re: I can't compile kernel afer patch-2.2.2 [socket filtering FAQ]"
Next in thread: Alexander Viro: "Re: [patch] af_unix fix for a panic a DoS and a memory leak [Re:"
Reply: Alexander Viro: "Re: [patch] af_unix fix for a panic a DoS and a memory leak [Re:"

Hello!

> Except that unix_destroy_timer() can kfree() it at any moment. And
> *that* is not protected by kernel_lock.

No. The things are much simpler. If socket is on timer,
it means that someone refers to it. Until this someone will release
it (and it can be made only under kernel lock),
timer will not able to destroy it.

Do you understand? Timer is pure gc collector, it
destroys only sockets, which are not referenced by anyone.

If unix_gc was able to find this socket, it is in use
and timer will not destroy it until someone (f.e. unix_gc itself)
will release it.

Alexey

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: kuznet@ms2.inr.ac.ru: "Re: [patch] af_unix fix for a panic a DoS and a memory leak [Re:"
Previous message: Tuomas Heino: "Re: I can't compile kernel afer patch-2.2.2 [socket filtering FAQ]"
Next in thread: Alexander Viro: "Re: [patch] af_unix fix for a panic a DoS and a memory leak [Re:"
Reply: Alexander Viro: "Re: [patch] af_unix fix for a panic a DoS and a memory leak [Re:"