| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 10 Mar 2020 10:56:08 +0200
From: Tomi Valkeinen <tomi.valkeinen@...com>
To: Benoit Parrot <bparrot@...com>, Hans Verkuil <hverkuil@...all.nl>
CC: <linux-media@...r.kernel.org>, <devicetree@...r.kernel.org>,
<linux-kernel@...r.kernel.org>, <stable@...r.kernel.org>
Subject: Re: [Patch v2] media: ti-vpe: cal: fix a kernel oops when unloading
module
On 06/03/2020 15:08, Benoit Parrot wrote:
> After the switch to use v4l2_async_notifier_add_subdev() and
> v4l2_async_notifier_cleanup(), unloading the ti_cal module would casue a
> kernel oops.
>
> This was root cause to the fact that v4l2_async_notifier_cleanup() tries
> to kfree the asd pointer passed into v4l2_async_notifier_add_subdev().
>
> In our case the asd reference was from a statically allocated struct.
> So in effect v4l2_async_notifier_cleanup() was trying to free a pointer
> that was not kalloc.
>
> So here we switch to using a kzalloc struct instead of a static one.
> To acheive this we re-order some of the calls to prevent asd allocation
> from leaking.
>
> Fixes: d079f94c9046 ("media: platform: Switch to v4l2_async_notifier_add_subdev")
>
> Cc: stable@...r.kernel.org
> Signed-off-by: Benoit Parrot <bparrot@...com>
> ---
> Changes since v1:
> - fix asd allocation leak
>
> drivers/media/platform/ti-vpe/cal.c | 13 ++++++++-----
> 1 file changed, 8 insertions(+), 5 deletions(-)
Reviewed-by: Tomi Valkeinen <tomi.valkeinen@...com>
Tomi
--
Texas Instruments Finland Oy, Porkkalankatu 22, 00180 Helsinki.
Y-tunnus/Business ID: 0615521-4. Kotipaikka/Domicile: Helsinki
Powered by blists - more mailing lists