Re: [intel-sgx-kernel-dev] [PATCH v7 4/8] intel_sgx: driver for Intel Software Guard Extensions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Dec 12, 2017 at 01:46:48PM -0800, Sean Christopherson wrote:
> So it looks like you avoid the described case by moving B to the head of
> the list in sgx_eldu.  The bug I am seeing is still straightforward to
> theorize:
> 
>     1. Three VA pages.  List = A->B->C
>     2. Fill A and B, use one entry in C.  List = C->B->A
>     3. ELDU, freeing a slot in B.  List = B->C->A
>     4. EWB, consuming the last slot in B.  List = B->C->A
>     5. ELDU, freeing a slot in A.  List = A->B->C
>     6. EWB, consuming the last slot in A.  List = A->B->C
>     7. ELDU, but both A and B are full
>     8. Explode

I see. It is easy to fix by moving back to of the list immediately after
last allocation. Thanks for pointing this out.

/Jarkko



[Index of Archives]     [Linux Kernel Development]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux