| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 09 Nov 2010 11:27:49 +0100 From: Jiri Slaby <jirislaby@...il.com> To: Konrad Rzeszutek Wilk <konrad.wilk@...cle.com> CC: Milton Miller <miltonm@....com>, jbarnes@...tuousgeek.org, linux-pci@...r.kernel.org, xen-devel@...ts.xensource.com, linux-kernel@...r.kernel.org Subject: Re: [PATCH 1/1] PCI: xen-pcifront, fix PCI reference leak On 11/08/2010 05:34 PM, Konrad Rzeszutek Wilk wrote: > On Thu, Nov 04, 2010 at 12:27:07PM -0600, Milton Miller wrote: >> On 2010-11-04 at about 14:31:30 Jiri Slaby wrote: >>> Stanse found that when pdev is found and has no driver a reference is >>> leaked in pcifront_common_process. So add pci_dev_put there. For the >>> pdev == NULL case, pci_dev_put(NULL) is fine. >> >> While that may be true, the dev_err(&pcidev->dev ... is a NULL pointer >> deref. > > I've put the fix in the branch (stable/xen-pcifront-fixes) that I will ask Linus > to pull.. but what options did you need to find this? > > I tried to run this before putting your and Milton fix in: > konrad@...nom:~/tar/stanse-1.1.2$ java -jar ./stanse.jar ~/work/linux/drivers/pci/xen-pcifront.c > Stanse version "1.1.2" > Copyright (c) 2008-2010 Masaryk University, Brno > > STANSE_HOME not specified. Using the location of stanse.jar. > Checking for bugs: > <-> File: /home/konrad/work/linux/drivers/pci/xen-pcifront.c > <-> -------------------------------- > Done. > > And no warnings? It's not easy as that. You have to specify checkers like -c AutomatonChecker:dist/data/checkers/AutomatonChecker/kernel_pairing.xml -c AutomatonChecker:dist/data/checkers/AutomatonChecker/kernel_memory.xml etc. Then, probably stanse won't guess kernel build flags correctly, so you need to utilize kernel make system. So the command-line (from linux src dir) would be: STANSE_HOME=PATH java -jar PATH/stanse.jar -c AutomatonChecker:PATH/dist/data/checkers/AutomatonChecker/kernel_pairing.xml -c AutomatonChecker:PATH/dist/data/checkers/AutomatonChecker/kernel_memory.xml --makefile Makefile --make-params 'drivers/pci/xen-pcifront.o' Presumably drivers/pci/xen-pcifront.o must not exist so that when stanse runs make, it actually builds something. It will warn you about that anyway. Maybe you want to run with gui: -g to track the issues in gui. There you can also add the checkers by hand (or on cmdline too). For openSUSE, I package stanse into rpm, and there is a script which has -k and adds all the kernel checkers by default. regards, -- js -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists