lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20111102144321.GA1299@suse.de>
Date:	Wed, 2 Nov 2011 07:43:21 -0700
From:	Greg KH <gregkh@...e.de>
To:	David Herrmann <dh.herrmann@...glemail.com>
Cc:	Dmitry Torokhov <dmitry.torokhov@...il.com>,
	linux-input@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [RFC] Input: Remove unsafe device module references

On Wed, Nov 02, 2011 at 02:45:58PM +0100, David Herrmann wrote:
> On Tue, Nov 1, 2011 at 7:18 PM, Dmitry Torokhov
> <dmitry.torokhov@...il.com> wrote:
> > On Tue, Nov 01, 2011 at 07:09:27PM +0100, David Herrmann wrote:
> >> On Tue, Nov 1, 2011 at 7:00 PM, Greg KH <gregkh@...e.de> wrote:
> >> > On Tue, Nov 01, 2011 at 06:52:11PM +0100, David Herrmann wrote:
> >> >> My solution: Some parent subsystem of us must take and release this
> >> >> module-refcnt instead of us, so this bug doesn't occur.
> >> >
> >> > Yes, that is the ultimate solution for something like this.
> >> >
> >> > But, in reality, we don't care about module unloading races as there are
> >> > plenty of other issues involved there where things can go bad, so we
> >> > just try the best we can :)
> >>
> >> Ah, I am kind of relieved that I got this right. I almost started
> >> thinking I am insane.. ;)
> >>
> >> So your answer is that this is so unlikely that it won't be fixed? I
> >> am fine with that, even though I wonder why stuff like "struct
> >> file_operations" include "owner" fields to protect callbacks but
> >> "struct device_type" does *not* include any protection of it's
> >> "release" callback.
> >
> > I think adding owner to device_type might not be a bad idea at all...
> 
> Exactly. But Greg does not seem to be very amused by that idea :-/

Actually that might work, but again, is it worth it?

Patches, as always, are gladly accepted, if you think this would resolve
the issue.

thanks,

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ