lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <YkF8HQ7Ih3IUJ3jT@kroah.com>
Date:   Mon, 28 Mar 2022 11:13:01 +0200
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     Pavel Machek <pavel@...x.de>
Cc:     Jakub Kicinski <kuba@...nel.org>, linux-kernel@...r.kernel.org,
        stable@...r.kernel.org, Eric Dumazet <edumazet@...gle.com>,
        赵子轩 <beraphin@...il.com>,
        Stoyan Manolov <smanolov@...e.de>
Subject: Re: [PATCH 5.10 09/38] llc: fix netdevice reference leaks in
 llc_ui_bind()

On Mon, Mar 28, 2022 at 11:08:30AM +0200, Pavel Machek wrote:
> Hi!
> 
> > > > Can someone check this? AFAICT this is buggy.
> > > > 
> > > > static int llc_ui_autobind(struct socket *sock, struct sockaddr_llc *addr)
> > > > {
> > > >         struct sock *sk = sock->sk;
> > > >         struct llc_sock *llc = llc_sk(sk);
> > > >         struct llc_sap *sap;
> > > >         int rc = -EINVAL;
> > > > 
> > > >         if (!sock_flag(sk, SOCK_ZAPPED))
> > > >                 goto out;
> > > > 
> > > > There are 'goto out's from both before dev_get() and after it,
> > > > dev_put() will be called with NULL pointer. dev_put() can't handle
> > > > NULL at least in the old kernels... this is simply confused.
> > > > 
> > > > Mainline has dev_put_track() there, but I see same confusion.
> > > > 
> > > > Best regards,
> > > 
> > > commit 2d327a79ee17 ("llc: only change llc->dev when bind() succeeds"),
> > > https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=2d327a79ee176930dc72c131a970c891d367c1dc
> > > 
> > > Should be in mainline on Thursday, LMK if we need to accelerate.
> > > IDK if anyone enables LLC2.
> > 
> > I'll queue this up now, thanks.
> 
> As the changelog says, this needs b37a46683739, otherwise there will
> be oops-es in even more cases.

If you look at the change, I think I already handled that issue.  If
not, please let me know.

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ