lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 22 Aug 2017 15:11:24 +0300
From:   Anton Volkov <avolkov@...ras.ru>
To:     dignome@...il.com, koyama@...stlight.net, johan@...nel.org
Cc:     gregkh@...uxfoundation.org, linux-usb@...r.kernel.org,
        linux-kernel@...r.kernel.org, ldv-project@...uxtesting.org,
        Alexey Khoroshilov <khoroshilov@...ras.ru>
Subject: Possible bug in cypress_m8.ko

Hello.

Judging by the code of cypress_m8.c some functions are considered to be 
capable of working concurrently with other functions, e.g. cypress_open.
There are, however, entities that are protected by the locks at one 
place and not protected in another. Lines are given using the info from 
Linux kernel v4.12. Example:

cypress_send
   spin_lock_irqsave
   priv->write_urb_in_use = 1;
   spin_lock_irqrestore
   (cypress_m8.c: lines 761-763)
   ...
   if (result) {
      priv->write_urb_in_use = 0; //without lock protection
      (cypress_m8.c: line 783)
   }

Is it a bug?

Thank you for your time.

-- Anton Volkov
Linux Verification Center, ISPRAS
web: http://linuxtesting.org
e-mail: avolkov@...ras.ru

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ