lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20150520222053.GC28218@earth>
Date:	Thu, 21 May 2015 00:20:54 +0200
From:	Sebastian Reichel <sre@...nel.org>
To:	"Dr. H. Nikolaus Schaller" <hns@...delico.com>
Cc:	Krzysztof Kozlowski <k.kozlowski@...sung.com>,
	Dmitry Eremin-Solenikov <dbaryshkov@...il.com>,
	David Woodhouse <dwmw2@...radead.org>,
	linux-pm@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [RFC/RFT v2 0/2] power_supply: Fix NULL pointer dereference from
 uevent

Hi,

On Tue, May 19, 2015 at 10:28:39AM +0200, Dr. H. Nikolaus Schaller wrote:
> Am 19.05.2015 um 09:13 schrieb Krzysztof Kozlowski <k.kozlowski@...sung.com>:
> > Changes since v1:
> > =================
> > 1. Patch 2: fix invalid member used for container_of().
> > 2. Patch 2: Replace WARN with pr_warn() in __power_supply_register()
> >   if parent is missing.
> > 
> > 
> > Description:
> > ============
> > This is an idea to fix issue in bq27x00 driver (and probably in others)
> > reported by H. Nikolaus Schaller [0].
> > 
> > The fixes are marked RFC/RFT because:
> > 1. I do not have bq27x00-like device. I confirmed this and tested on
> >   modified drivers (max77693, ACPI AC). These drivers are not
> >   impacted by the issue but one can easily adjust them to reproduce
> >   the problem.
> > 2. The first uevent coming from power_supply_register() is now
> >   different because it won't contain device properties. I am
> >   not sure how this impacts userspace.
> > 
> > Comments are welcomed.
> 
> appears to work! bq27000 is coming up now without hickups.
> 
> What I can’t test is if the uevent is reasonable because we do not
> have a specific rule triggered by it in our system.
> 
> So from my side we are now happy with the solution.

So you would be ok with the following added to the patches?

Tested-By: Dr. H. Nikolaus Schaller <hns@...delico.com>

-- Sebastian

Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ