Samuka007/asterinas
1
0
Fork 0
mirror of https://github.com/asterinas/asterinas.git synced 2025-06-13 23:36:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add TODO for a potential vulnerability in futex implementation

Browse Source
This commit is contained in:
Zejun Zhao 2024-12-16 11:55:55 +08:00 committed by Tate, Hongliang Tian
parent 868b742b31
commit bc5a058fc5
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
kernel/src/process/posix_thread/futex.rs
View File

@ -74,6 +74,15 @@ pub fn futex_wait_bitset(
drop(futex_bucket); drop(futex_bucket);
waiter.pause_timeout(timeout) waiter.pause_timeout(timeout)
// TODO: Ensure the futex item is dequeued and dropped.
//
// The enqueued futex item remain undequeued
// if the futex wait operation is interrupted by a signal or times out.
// In such cases, the `Box<FutexItem>` would persist in memory,
// leaving our implementation vulnerable to exploitation by user programs
// that could repeatedly issue futex wait operations
// to exhaust kernel memory.
} }
/// Does futex wake /// Does futex wake