lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Thu, 29 Nov 2012 16:50:20 -0700
From:	Shuah Khan <shuahkhan@...il.com>
To:	"Rafael J. Wysocki" <rjw@...k.pl>
Cc:	ACPI Devel Maling List <linux-acpi@...r.kernel.org>,
	LKML <linux-kernel@...r.kernel.org>,
	Linux PM list <linux-pm@...r.kernel.org>,
	Zdenek Kabelac <zdenek.kabelac@...il.com>
Subject: Re: [PATCH] ACPI / PNP: Do not crash due to stale pointer use during
 system resume

On Thu, Nov 29, 2012 at 4:51 PM, Rafael J. Wysocki <rjw@...k.pl> wrote:
> On Thursday, November 29, 2012 04:25:20 PM Shuah Khan wrote:
>> On Thu, Nov 29, 2012 at 4:10 PM, Rafael J. Wysocki <rjw@...k.pl> wrote:
>> > From: Rafael J. Wysocki <rafael.j.wysocki@...el.com>
>> >
>> > During resume from system suspend the 'data' field of
>> > struct pnp_dev in pnpacpi_set_resources() may be a stale pointer,
>> > due to removal of the associated ACPI device node object in the
>> > previous suspend-resume cycle.  This happens, for example, if a
>> > dockable machine is booted in the docking station and then suspended
>> > and resumed and suspended again.  If that happens,
>> > pnpacpi_build_resource_template() called from pnpacpi_set_resources()
>> > attempts to use that pointer and crashes.
>> >
>> > However, pnpacpi_set_resources() actually checks the device's ACPI
>> > handle, attempts to find the ACPI device node object attached to it
>> > and returns an error code if that fails, so in fact it knows what the
>> > correct value of dev->data should be.  Use this observation to update
>> > dev->data with the correct value if necessary and dump a call trace
>> > if that's the case (once).
>> >
>> > We still need to fix the root cause of this issue, but preventing
>> > systems from crashing because of it is an improvement too.
>> >
>> > Reported-and-tested-by: Zdenek Kabelac <zdenek.kabelac@...il.com>
>> > References: https://bugzilla.kernel.org/show_bug.cgi?id=51071
>> > Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@...el.com>
>>
>> Any reason why this shouldn't go into stable releases?
>
> Yes, it can go to -stable.  This is just a patch, not a git commit.  I can
> still add the "stable" tag to it when it goes to git. :-)
>

Good. This patch applies just fine to 3.0.x, 3.4.x and 3.6.x for what
its worth. That's how far I have gotten so far and getting ready to do
compile tests on these.

-- Shuah
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ