lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20081219003259.GA12353@suse.de>
Date:	Thu, 18 Dec 2008 16:32:59 -0800
From:	Greg KH <gregkh@...e.de>
To:	KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com>
Cc:	Greg KH <greg@...ah.com>, linux-kernel@...r.kernel.org,
	akpm@...ux-foundation.org
Subject: Re: mmotm 2008-12-17-16-41 uploaded

On Fri, Dec 19, 2008 at 09:11:14AM +0900, KAMEZAWA Hiroyuki wrote:
> On Thu, 18 Dec 2008 14:23:29 -0800
> Greg KH <greg@...ah.com> wrote:
> 
> > On Thu, Dec 18, 2008 at 01:10:15PM +0900, KAMEZAWA Hiroyuki wrote:
> > > On Wed, 17 Dec 2008 16:41:54 -0800
> > > akpm@...ux-foundation.org wrote:
> > > 
> > > > The mm-of-the-moment snapshot 2008-12-17-16-41 has been uploaded to
> > > > 
> > > >    http://userweb.kernel.org/~akpm/mmotm/
> > > > 
> > > > and will soon be available at
> > > > 
> > > >    git://git.zen-sources.org/zen/mmotm.git
> > > > 
> > > 
> > > This was necessary. I'm not sure my patch description is corrcect...
> > > but this helps me ;)
> > > This change kfree(dev->p) comes from linux-next.
> > > 
> > > ==
> > > From: KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com>
> > > 
> > > dev->release() may free struct dev itself. To free dev->p
> > > in safe way, remember dev->p.
> > > 
> > > Signed-off-by:KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com>
> > > ---
> > >  drivers/base/core.c |    7 +++++--
> > >  1 file changed, 5 insertions(+), 2 deletions(-)
> > > 
> > > Index: mmotm-2.6.28-Dec17/drivers/base/core.c
> > > ===================================================================
> > > --- mmotm-2.6.28-Dec17.orig/drivers/base/core.c
> > > +++ mmotm-2.6.28-Dec17/drivers/base/core.c
> > > @@ -109,6 +109,7 @@ static struct sysfs_ops dev_sysfs_ops = 
> > >  static void device_release(struct kobject *kobj)
> > >  {
> > >  	struct device *dev = to_dev(kobj);
> > > +	struct device_private *p = dev->p;
> > >  
> > >  	if (dev->release)
> > >  		dev->release(dev);
> > > @@ -116,11 +117,13 @@ static void device_release(struct kobjec
> > >  		dev->type->release(dev);
> > >  	else if (dev->class && dev->class->dev_release)
> > >  		dev->class->dev_release(dev);
> > > -	else
> > > +	else {
> > >  		WARN(1, KERN_ERR "Device '%s' does not have a release() "
> > >  			"function, it is broken and must be fixed.\n",
> > >  			dev_name(dev));
> > > -	kfree(dev->p);
> > > +		return;
> > > +	}
> > > +	kfree(p);
> > 
> > You have a memory leak for when there is no release function for a
> > device, don't return if that happens.
> > 
> I thought "not released" dev may touch dev->p later..

Nope, it's a bug in the caller code.  They better not be touching dev->p
later, or bad things would be happening to their code :)

thanks,

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ