| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGngYiXyEksuMDBkrasiwwge4fgoHKKecsSHB6q0GQyEoiZXxw@mail.gmail.com>
Date: Mon, 11 Mar 2019 14:47:59 -0400
From: Sven Van Asbroeck <thesven73@...il.com>
To: Peter Rosin <peda@...ntia.se>
Cc: Tomasz Duszynski <tduszyns@...il.com>,
Jonathan Cameron <jic23@...nel.org>,
Hartmut Knaack <knaack.h@....de>,
Lars-Peter Clausen <lars@...afoo.de>,
Peter Meerwald-Stadler <pmeerw@...erw.net>,
"linux-iio@...r.kernel.org" <linux-iio@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] iio: envelope-detector: fix use-after-free on device remove
Hi Peter,
On Mon, Mar 11, 2019 at 2:41 PM Peter Rosin <peda@...ntia.se> wrote:
>
> This is false positive, AFAICT. The delayed work must have
> finished while envelope_detector_read_raw() holds the read_lock
> mutex, and it would be highly surprising if the device can go
> away while it is handling an IIO ->read_raw call. (THAT would be
> an interesting bug...)
Quite right. I had completely overlooked the fact that wait_for_completion()
cannot finish unless explicitly completed. Unlike
wait_for_completion_interruptible().
So yes, this looks like a false positive. My apologies.
Sven
Powered by blists - more mailing lists