| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 4 May 2022 12:51:40 +0200
From: Javier Martinez Canillas <javierm@...hat.com>
To: linux-kernel@...r.kernel.org
Cc: Maxime Ripard <maxime@...no.tech>,
Thomas Zimmermann <tzimmermann@...e.de>,
Javier Martinez Canillas <javierm@...hat.com>,
Daniel Vetter <daniel.vetter@...ll.ch>,
Daniel Vetter <daniel@...ll.ch>, Helge Deller <deller@....de>,
dri-devel@...ts.freedesktop.org, linux-fbdev@...r.kernel.org
Subject: [PATCH] Revert "fbdev: Make fb_release() return -ENODEV if fbdev was unregistered"
This reverts commit aafa025c76dcc7d1a8c8f0bdefcbe4eb480b2f6a. That commit
attempted to fix a NULL pointer dereference, caused by the struct fb_info
associated with a framebuffer device to not longer be valid when the file
descriptor was closed.
But the solution was wrong since it was just papering over the issue, and
also would leak any resources that might be reference counted in fb_open.
Instead, the fbdev drivers that are releasing the fb_info too soon should
be fixed to prevent this situation to happen.
Suggested-by: Daniel Vetter <daniel.vetter@...ll.ch>
Signed-off-by: Javier Martinez Canillas <javierm@...hat.com>
---
drivers/video/fbdev/core/fbmem.c | 5 +----
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/drivers/video/fbdev/core/fbmem.c b/drivers/video/fbdev/core/fbmem.c
index 97eb0dee411c..a6bb0e438216 100644
--- a/drivers/video/fbdev/core/fbmem.c
+++ b/drivers/video/fbdev/core/fbmem.c
@@ -1434,10 +1434,7 @@ fb_release(struct inode *inode, struct file *file)
__acquires(&info->lock)
__releases(&info->lock)
{
- struct fb_info * const info = file_fb_info(file);
-
- if (!info)
- return -ENODEV;
+ struct fb_info * const info = file->private_data;
lock_fb_info(info);
if (info->fbops->fb_release)
--
2.35.1
Powered by blists - more mailing lists