| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 19 May 2020 19:03:46 +0200
From: Greg KH <gregkh@...uxfoundation.org>
To: Luis Chamberlain <mcgrof@...nel.org>
Cc: axboe@...nel.dk, viro@...iv.linux.org.uk, bvanassche@....org,
rostedt@...dmis.org, mingo@...hat.com, jack@...e.cz,
ming.lei@...hat.com, nstange@...e.de, akpm@...ux-foundation.org,
mhocko@...e.com, yukuai3@...wei.com, linux-block@...r.kernel.org,
linux-fsdevel@...r.kernel.org, linux-mm@...ck.org,
linux-kernel@...r.kernel.org, Omar Sandoval <osandov@...com>,
Hannes Reinecke <hare@...e.com>,
Michal Hocko <mhocko@...nel.org>,
syzbot+603294af2d01acfdd6da@...kaller.appspotmail.com
Subject: Re: [PATCH v5 5/7] blktrace: fix debugfs use after free
On Tue, May 19, 2020 at 03:52:10PM +0000, Luis Chamberlain wrote:
> On Tue, May 19, 2020 at 04:44:08PM +0200, Greg KH wrote:
> > On Sat, May 16, 2020 at 03:19:54AM +0000, Luis Chamberlain wrote:
> > > struct dentry *blk_debugfs_root;
> > > +struct dentry *blk_debugfs_bsg = NULL;
> >
> > checkpatch didn't complain about "= NULL;"?
>
> Will remove.
>
> > > +static void queue_debugfs_register_type(struct request_queue *q,
> > > + const char *name,
> > > + enum blk_debugfs_dir_type type)
> > > +{
> > > + struct dentry *base_dir = queue_get_base_dir(type);
> >
> > And it could be a simple if statement instead.
> >
> > Oh well, I don't have to maintain this :)
>
> I'll just use that, but yeah I think its a matter of preference.
>
> > > +/**
> > > + * blk_queue_debugfs_register - register the debugfs_dir for the block device
> > > + * @q: the associated request_queue of the block device
> > > + * @name: the name of the block device exposed
> > > + *
> > > + * This is used to create the debugfs_dir used by the block layer and blktrace.
> > > + * Drivers which use any of the *add_disk*() calls or variants have this called
> > > + * automatically for them. This directory is removed automatically on
> > > + * blk_release_queue() once the request_queue reference count reaches 0.
> > > + */
> > > +void blk_queue_debugfs_register(struct request_queue *q, const char *name)
> > > +{
> > > + queue_debugfs_register_type(q, name, BLK_DBG_DIR_BASE);
> > > +}
> > > +EXPORT_SYMBOL_GPL(blk_queue_debugfs_register);
> > > +
> > > +/**
> > > + * blk_queue_debugfs_unregister - remove the debugfs_dir for the block device
> > > + * @q: the associated request_queue of the block device
> > > + *
> > > + * Removes the debugfs_dir for the request_queue on the associated block device.
> > > + * This is handled for you on blk_release_queue(), and that should only be
> > > + * called once.
> > > + *
> > > + * Since we don't care where the debugfs_dir was created this is used for all
> > > + * types of of enum blk_debugfs_dir_type.
> > > + */
> > > +void blk_queue_debugfs_unregister(struct request_queue *q)
> > > +{
> > > + debugfs_remove_recursive(q->debugfs_dir);
> > > +}
> >
> > Why is register needed to be exported, but unregister does not? Does
> > some driver not properly clean things up?
>
> Is the comment on blk_queue_debugfs_register() not sufficient?
Ah, hm, ok, I guess so.
> I thought I was going overboard with how clear this was. Should I also
> add a note here on unregister?
Not really, it's fine, thanks.
greg k-h
Powered by blists - more mailing lists