Date:   Thu, 29 Sep 2016 15:03:29 +0200
From:   Michael Wang <yun.wang@...fitbricks.com>
To:     linux-block@...r.kernel.org,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        axboe@...com
Subject: [BUG] block: bdi_register_owner() failure cause NULL pointer
 dereference

Hi, Folks

We observed a hard lockup while trying to assemble a RAID with sas3ircu.
It started with a failure inside bdi_register_owner() with a duplicated
kobj path, and later a NULL pointer dereference came up; after that the
system hung and we saw a hard lockup on screen.

The duplicated issue could be with the scsi controller driver and we are
going to upgrade it anyway, but my question is why we don't do some error
handling like:

diff --git a/block/genhd.c b/block/genhd.c
index a178c8e..318bc63 100644
--- a/block/genhd.c
+++ b/block/genhd.c
@@ -614,7 +614,15 @@ void device_add_disk(struct device *parent, struct gendisk *disk)
 
        /* Register BDI before referencing it from bdev */
        bdi = &disk->queue->backing_dev_info;
-       bdi_register_owner(bdi, disk_to_dev(disk));
+       if (bdi_register_owner(bdi, disk_to_dev(disk))) {
+               disk_release_events(disk);
+               blk_free_devt(devt);
+               disk->ev = NULL;
+               disk->first_minor = 0;
+               disk->major = 0;
+               WARN_ON(1);
+               return;
+       }
 
        blk_register_region(disk_devt(disk), disk->minors, NULL,
                            exact_match, exact_lock, disk);
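
Review bot: The bare return in the new error branch of device_add_disk() leaves callers with no indication that the disk was not added, because the function is void and WARN_ON(1) is the only signal. Consider making device_add_disk() return an int and propagating the bdi_register_owner() error so the calling driver can abort its setup instead of going on to use a half-registered disk. The warning can be folded into the test, as in "if (WARN_ON(bdi_register_owner(bdi, disk_to_dev(disk))))". The branch also needs a comment saying which earlier steps disk_release_events(disk) and blk_free_devt(devt) undo and why disk->major and disk->first_minor are zeroed, since the code that sets them up is outside this hunk and a reader cannot check that the unwind is complete.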

to prevent the following NULL pointer dereference and hard lockup?

Regards,
Michael Wang

View attachment "dmesg" of type "text/plain" (16958 bytes)
