Re: [PATCH] ucounts: Fix UCOUNT_RLIMIT_SIGPENDING counter leak
From: Alexey Gladkov
Date: Thu Jul 08 2021 - 07:00:22 EST
On Wed, Jul 07, 2021 at 10:23:35AM -0700, Linus Torvalds wrote:
> On Wed, Jul 7, 2021 at 9:50 AM Alexey Gladkov <legion@xxxxxxxxxx> wrote:
> >
> > > + dec_rlimit_ucounts(ucounts, UCOUNT_RLIMIT_SIGPENDING, 1);
> > > + fallthrough;
> > > + case LONG_MAX:
> >
> > I think that the counter should be decreased in this case too.
> > inc_rlimit_ucounts() increments the counter in all parent userns. If we
> > don't decrease the counter then the parent userns will have a counter
> > leak.
>
> Ack. So basically that patch, but move the dec_rlimit_ucounts() into
> the LONG_MAX case?
Yep.
> Would you mind making a real patch with a commit message, and trying
> whatever test-case you had for that KASAN use-after-free report?
Sure. I will.
--
Rgrds, legion