lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 26 Mar 2015 22:36:00 +0100
From:	Greg KH <gregkh@...uxfoundation.org>
To:	Pan Xinhui <xinhuix.pan@...el.com>
Cc:	jslaby@...e.cz, linux-kernel@...r.kernel.org,
	yanmin_zhang@...ux.intel.com, mnipxh@...i.com
Subject: Re: [PATCH v2] tty/n_gsm.c: fix a memory leak when gsmtty is removed

On Wed, Mar 25, 2015 at 03:05:33PM +0800, Pan Xinhui wrote:
> when gsmtty_remove put dlci, it will cause memory leak if
> dlci->port's refcount is zero.
> So we do the cleanup work in .cleanup callback instead.
> 
> dlci will be last put in two call chains.
> 1) gsmld_close -> gsm_cleanup_mux -> gsm_dlci_release -> dlci_put
> 2) gsmld_remove -> dlci_put
> so there is a race. the memory leak depends on the race.
> 
> In call chain 2. we hit the memory leak. bellow comment tells.
> 
> release_tty -> tty_driver_remove_tty -> gsmtty_remove -> dlci_put -> tty_port_destructor (WARN_ON(port->itty) and return directly)
> 						|
> 						--> tty->port->itty = NULL;
> 			|
> 		tty_kref_put ---> release_one_tty -> gsmtty_cleanup (now we do the cleanup work here.)

That doesn't line up at all :(

> So our patch fix it by doing the cleanup work after tty core did.
> 
> Signed-off-by: xinhui.pan <xinhuix.pan@...el.com>

I need a real name here, "xinhui.pan" is not your real name, according
to your "From:" line, right?

Please fix up and resend.

And also include what changed from the previous version, this is much
different.

thanks,

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ