| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20220408165827.42475fb2@gandalf.local.home>
Date: Fri, 8 Apr 2022 16:58:27 -0400
From: Steven Rostedt <rostedt@...dmis.org>
To: Thomas Gleixner <tglx@...utronix.de>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
LKML <linux-kernel@...r.kernel.org>, jstultz@...gle.com,
Stephen Boyd <sboyd@...nel.org>,
Andrew Morton <akpm@...ux-foundation.org>,
Peter Zijlstra <peterz@...radead.org>,
Marcel Holtmann <marcel@...tmann.org>,
Johan Hedberg <johan.hedberg@...il.com>,
Luiz Augusto von Dentz <luiz.dentz@...il.com>,
Eric Dumazet <edumazet@...gle.com>,
Guenter Roeck <linux@...ck-us.net>
Subject: Re: [RFC][PATCH] timers: Add del_time_free() to be called before
freeing timers
On Fri, 08 Apr 2022 22:29:58 +0200
Thomas Gleixner <tglx@...utronix.de> wrote:
> What a shutdown function would prevent here is UAF, but I'm not entirely
> sure whether it will simplify coordinated shutdown and remove the
> requirement of a priv->shutdown flag all over the place. It might make
> some of the driver muck just get stuck in the shutdown, but that's
> definitely an improvement over a potential UAF which happens every blue
> moons.
Note, it is the cause of a large percentage of crash reports reported by
ChromeOS.
And we do not even know if it was this bluetooth issue that caused them.
There's evidence they are mostly caused by the wifi code. I only used the
bluetooth issue because it was the first one we found that looked obviously
wrong.
-- Steve
Powered by blists - more mailing lists