lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 15 Aug 2019 13:17:01 +0000
From:   "Schmid, Carsten" <Carsten_Schmid@...tor.com>
To:     Wei Yang <richard.weiyang@...il.com>
CC:     Linus Torvalds <torvalds@...ux-foundation.org>,
        "bp@...e.de" <bp@...e.de>,
        "dan.j.williams@...el.com" <dan.j.williams@...el.com>,
        "mingo@...nel.org" <mingo@...nel.org>,
        "dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "bhelgaas@...gle.com" <bhelgaas@...gle.com>,
        "osalvador@...e.de" <osalvador@...e.de>,
        "rdunlap@...radead.org" <rdunlap@...radead.org>,
        "richardw.yang@...ux.intel.com" <richardw.yang@...ux.intel.com>,
        "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>,
        Hans de Goede <hdegoede@...hat.com>
Subject: AW: [PATCH v2] kernel/resource.c: invalidate parent when freed
 resource has childs

> My gut feeling is this is the problem from mal-functional driver, e.g.
> xhci-hcd. We do our best to protect core kernel from it instead of do the
> cleanup for it.
Agree.
My intention wasn't to fix mal-functional driver, but to give it a hint
that it's doing something wrong.
(In the xhci-hcd case the patch indirectly avoids the later use-after-free in driver,
 a nice side effect here)

I think the same what Linus meant with
> I'm less interested in the xhci-hcd case - which I certainly *hope* is
> fixed already? - than in "if this happens somewhere else".
What about giving only a WARN_ONCE?
Wouldn't hurt but notice developers and ease bug hunting.
Would be fine for me too.
Finally, i also could put the patch in a private branch named "useful_patches" ;-)
but then the community won't benefit.

> 
> So my suggestion is to look into why xhci-hcd behave like this and fix that.
> 
xhci-hcd fix proposal @ Hans de Goede already.

Best regards
Carsten

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ