| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <4F5501D30200007800076707@nat28.tlf.novell.com>
Date: Mon, 05 Mar 2012 17:11:31 +0000
From: "Jan Beulich" <JBeulich@...e.com>
To: "Jeremy Fitzhardinge" <jeremy@...p.org>,
"Konrad Rzeszutek Wilk" <konrad.wilk@...cle.com>
Cc: "xen-devel" <xen-devel@...ts.xen.org>,
<linux-kernel@...r.kernel.org>
Subject: [PATCH] xenbus: don't free other end details too early
The individual drivers' remove functions could legitimately attempt to
access this information (for logging messages if nothing else). Note
that I did not in fact observe a problem anywhere, but I came across
this while looking into the reasons for what turned out to need the
fix at https://lkml.org/lkml/2012/3/5/336 to vsprintf().
Signed-off-by: Jan Beulich <jbeulich@...e.com>
---
drivers/xen/xenbus/xenbus_probe.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--- 3.3-rc6/drivers/xen/xenbus/xenbus_probe.c
+++ 3.3-rc6-xenbus-remove-details/drivers/xen/xenbus/xenbus_probe.c
@@ -257,11 +257,12 @@ int xenbus_dev_remove(struct device *_de
DPRINTK("%s", dev->nodename);
free_otherend_watch(dev);
- free_otherend_details(dev);
if (drv->remove)
drv->remove(dev);
+ free_otherend_details(dev);
+
xenbus_switch_state(dev, XenbusStateClosed);
return 0;
}
View attachment "linux-3.3-rc6-xenbus-remove-details.patch" of type "text/plain" (890 bytes)
Powered by blists - more mailing lists