lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 17 Sep 2020 17:16:40 -0600
From:   Shuah Khan <skhan@...uxfoundation.org>
To:     manivannan.sadhasivam@...aro.org, hemantk@...eaurora.org
Cc:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        jhugo@...eaurora.org, sdias@...eaurora.org, bbhatt@...eaurora.org,
        linux-arm-msm@...r.kernel.org,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Shuah Khan <skhan@...uxfoundation.org>
Subject: bus/mhi/core: Double lock in mhi_device_put() and dev_wake inc/dec

While looking at this file for an unrelated issue, I happen to notice
there is a double locking on mhi_cntrl->pm_lock in the mhi_device_put()
when it gets called from mhi_driver_remove()

The other two calls from mhi_driver_probe() don't hold the pm_lock.

In addition, lock holding while dev_wake updates is inconsistent.

dev_wake gets incremented and decremented without holding pm_lock in
mhi_device_get(), mhi_device_get_sync() and mhi_device_put().

Exception are when mhi_device_put() is called from mhi_driver_remove().

The following commit is where all this code is added.

bus: mhi: core: Add support for data transfer
https://github.com/torvalds/linux/commit/189ff97cca53e3fe2d8b38d64105040ce17fc62d

It appears to be real problem. I don't have a way to test this driver,
hence reaching out to let you know about my findings.

thanks,
-- Shuah

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ