| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 12 Dec 2017 20:51:53 +0800
From: Jia-Ju Bai <baijiaju1990@...il.com>
To: martyn@...chs.me.uk, manohar.vanga@...il.com,
gregkh@...uxfoundation.org, elfring@...rs.sourceforge.net,
martyn.welch@...com
Cc: devel@...verdev.osuosl.org, linux-kernel@...r.kernel.org,
Jia-Ju Bai <baijiaju1990@...il.com>
Subject: [PATCH] vme: Fix a possible sleep-in-atomic bug in vme_tsi148
The driver may sleep under a spinlock.
The function call path is:
tsi148_master_write \ tsi148_master_read (acquire the spinlock)
vme_register_error_handler
kmalloc(GFP_KERNEL) --> may sleep
To fix it, GFP_KERNEL is replaced with GFP_ATOMIC.
This bug is found by my static analysis tool(DSAC) and checked by my code review.
Signed-off-by: Jia-Ju Bai <baijiaju1990@...il.com>
---
drivers/vme/vme.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/vme/vme.c b/drivers/vme/vme.c
index 8124622..92500f6 100644
--- a/drivers/vme/vme.c
+++ b/drivers/vme/vme.c
@@ -1290,7 +1290,7 @@ struct vme_error_handler *vme_register_error_handler(
{
struct vme_error_handler *handler;
- handler = kmalloc(sizeof(*handler), GFP_KERNEL);
+ handler = kmalloc(sizeof(*handler), GFP_ATOMIC);
if (!handler)
return NULL;
--
1.7.9.5
Powered by blists - more mailing lists