| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1cb8fbf6-a0bf-5dd6-fd4e-744a56ea70ae@acm.org>
Date: Sat, 30 May 2020 11:14:51 -0700
From: Bart Van Assche <bvanassche@....org>
To: jejb@...ux.ibm.com, Simon Arlott <simon@...iron.net>,
"Martin K . Petersen" <martin.petersen@...cle.com>,
Jens Axboe <axboe@...nel.dk>
Cc: linux-scsi@...r.kernel.org, Merlijn Wajer <merlijn@...hive.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 1/2] scsi: sr: Fix sr_probe() missing mutex_destroy
On 2020-05-30 09:41, James Bottomley wrote:
> On Sat, 2020-05-30 at 09:24 -0700, Bart Van Assche wrote:
>> On 2020-05-30 02:32, Simon Arlott wrote:
>>> If the device minor cannot be allocated or the cdrom fails to be
>>> registered then the mutex should be destroyed.
>>
>> Please add Fixes: and Cc: stable tags.
>
> This isn't really a bug, is it? mutex_destroy is a nop unless lock
> debugging is enabled in which case it checks the lock is unlocked and
> marks it as unusable to detect a use after destroy. Since the
> structure containing the mutex is kfree'd in the next statement, kasan
> would also detect any use after free. That's not to say we shouldn't
> do this to be fully correct ... just that it has no potential ever to
> have user visible impact so there doesn't seem to be much point
> cluttering up the stable process with it.
That makes sense to me. I may have confused Simon with my suggestion.
Bart.
Powered by blists - more mailing lists