lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 26 Mar 2022 13:13:25 -0700
From:   Jakub Kicinski <kuba@...nel.org>
To:     Pavel Machek <pavel@...x.de>
Cc:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        linux-kernel@...r.kernel.org, stable@...r.kernel.org,
        Eric Dumazet <edumazet@...gle.com>,
        赵子轩 <beraphin@...il.com>,
        Stoyan Manolov <smanolov@...e.de>
Subject: Re: [PATCH 5.10 09/38] llc: fix netdevice reference leaks in
 llc_ui_bind()

On Sat, 26 Mar 2022 21:09:22 +0100 Pavel Machek wrote:
> Can someone check this? AFAICT this is buggy.
> 
> static int llc_ui_autobind(struct socket *sock, struct sockaddr_llc *addr)
> {
>         struct sock *sk = sock->sk;
>         struct llc_sock *llc = llc_sk(sk);
>         struct llc_sap *sap;
>         int rc = -EINVAL;
> 
>         if (!sock_flag(sk, SOCK_ZAPPED))
>                 goto out;
> 
> There are 'goto out's from both before dev_get() and after it,
> dev_put() will be called with NULL pointer. dev_put() can't handle
> NULL at least in the old kernels... this is simply confused.
> 
> Mainline has dev_put_track() there, but I see same confusion.
> 
> Best regards,

commit 2d327a79ee17 ("llc: only change llc->dev when bind() succeeds"),
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=2d327a79ee176930dc72c131a970c891d367c1dc

Should be in mainline on Thursday, LMK if we need to accelerate.
IDK if anyone enables LLC2.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ