lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 19 Mar 2019 22:56:54 -0700
From:   Josh Gao <jmgao@...gle.com>
To:     fei.yang@...el.com
Cc:     balbi@...nel.org, gregkh@...uxfoundation.org,
        Jerry Zhang <zhangjerry@...gle.com>, andrzej.p@...labora.com,
        plr.vincent@...il.com, jingx.shen@...el.com,
        John Stultz <john.stultz@...aro.org>,
        linux-usb@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH V2] usb: gadget: f_fs: don't free buffer prematurely

On Tue, Mar 19, 2019 at 10:32 PM <fei.yang@...el.com> wrote:
>
> From: Fei Yang <fei.yang@...el.com>
>
> The following kernel panic happens due to the io_data buffer gets deallocated
> before the async io is completed. Add a check for the case where io_data buffer
> should be deallocated by ffs_user_copy_worker.

It looks like this happened because data got renamed to io_data, which made the
`data = NULL` marked with "Do not kfree the buffer in this function" not do
what it was hoping. This should probably either delete the assignment above or
fix the assignment to refer to io_data? (EIOCBQUEUED presumably can't come from
elsewhere?)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ