| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 21 Sep 2007 14:47:49 +0200
From: Patrick McHardy <kaber@...sh.net>
To: Urs Thuermann <urs@...ogud.escape.de>
CC: netdev@...r.kernel.org, David Miller <davem@...emloft.net>,
Thomas Gleixner <tglx@...utronix.de>,
Oliver Hartkopp <oliver@...tkopp.net>,
Oliver Hartkopp <oliver.hartkopp@...kswagen.de>,
Urs Thuermann <urs.thuermann@...kswagen.de>
Subject: Re: [PATCH 2/7] CAN: Add PF_CAN core module
Urs Thuermann wrote:
> +static int can_create(struct net *net, struct socket *sock, int protocol)
> +{
> + ...
> +
> + spin_lock(&proto_tab_lock);
> + cp = proto_tab[protocol];
> + if (cp && !try_module_get(cp->prot->owner))
> + cp = NULL;
> + spin_unlock(&proto_tab_lock);
> +
> + /* check for success and correct type */
> + if (!cp || cp->type != sock->type) {
> + ret = -EPROTONOSUPPORT;
> + goto errout;
> + }
> +
> + if (cp->capability >= 0 && !capable(cp->capability)) {
> + ret = -EPERM;
> + goto errout;
> + }
> +
> + sock->ops = cp->ops;
You drop the module reference again when leaving this function.
So sock->ops might contain a stale pointer if the module is
unloaded after this. You need to either keep the module reference
while the socket is alive or remove stale references when
unregistering the protocol.
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists