| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 15 Oct 2019 13:25:05 -0700
From: Minchan Kim <minchan@...nel.org>
To: Chen Wandun <chenwandun@...wei.com>,
Andrew Morton <akpm@...ux-foundation.org>
Cc: ngupta@...are.org, sergey.senozhatsky.work@...il.com,
axboe@...nel.dk, linux-kernel@...r.kernel.org,
linux-block@...r.kernel.org, stable@...r.kernel.org
Subject: Re: [PATCH] zram: fix race between backing_dev_show and
backing_dev_store
On Mon, Oct 14, 2019 at 05:53:59PM +0800, Chen Wandun wrote:
> From: Chenwandun <chenwandun@...wei.com>
>
> CPU0: CPU1:
> backing_dev_show backing_dev_store
> ...... ......
> file = zram->backing_dev;
> down_read(&zram->init_lock); down_read(&zram->init_init_lock)
> file_path(file, ...); zram->backing_dev = backing_dev;
> up_read(&zram->init_lock); up_read(&zram->init_lock);
>
> get the value of zram->backing_dev too early in backing_dev_show,
> that will result the value may be NULL at the begining, and not
> NULL later.
>
> backtrace:
> [<ffffff8570e0f3ec>] d_path+0xcc/0x174
> [<ffffff8570decd90>] file_path+0x10/0x18
> [<ffffff85712f7630>] backing_dev_show+0x40/0xb4
> [<ffffff85712c776c>] dev_attr_show+0x20/0x54
> [<ffffff8570e835e4>] sysfs_kf_seq_show+0x9c/0x10c
> [<ffffff8570e82b98>] kernfs_seq_show+0x28/0x30
> [<ffffff8570e1c580>] seq_read+0x184/0x488
> [<ffffff8570e81ec4>] kernfs_fop_read+0x5c/0x1a4
> [<ffffff8570dee0fc>] __vfs_read+0x44/0x128
> [<ffffff8570dee310>] vfs_read+0xa0/0x138
> [<ffffff8570dee860>] SyS_read+0x54/0xb4
>
> Signed-off-by: Chenwandun <chenwandun@...wei.com>
It should be stable material.
Cc: <stable@...r.kernel.org> [4.14+]
Acked-by: Minchan Kim <minchan@...nel.org>
Thanks!
Powered by blists - more mailing lists