| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 4 Sep 2022 09:54:04 -0400
From: Alan Stern <stern@...land.harvard.edu>
To: Rondreis <linhaoguo86@...il.com>
Cc: Greg KH <gregkh@...uxfoundation.org>, linux-kernel@...r.kernel.org,
linux-usb@...r.kernel.org
Subject: Re: KASAN: use-after-free Read in configfs_composite_bind
On Sun, Sep 04, 2022 at 09:21:07PM +0800, Rondreis wrote:
> Thanks for your reply! I ran the reproducer again on the master
> branch(commit id: 7726d4c3e60bfe206738894267414a5f10510f1a) and it
> didn't crash.
>
> The reason for not using the latest version is I can't attach more
> than one gadget at a time using `configfs` and `dummy_hcd`. When I
> attach the second gadget with a different `udc` it always fails and
> the kernel message says:
>
> ```
> [ 1625.254858] Error: Driver 'configfs-gadget' is already registered,
> aborting...
> [ 1625.271018] UDC core: g1: driver registration failed: -16
> ```
>
> I'm not sure if this is a new feature from version v5.19(v5.18, commit
> id: 4b0986a3613c92f4ec1bdc7f60ec66fea135991f works very well) or a
> potential bug, or my mistake...
It probably was introduced by a change I made. One consequence of that
change is that gadget drivers now must all have different names (as must
drivers on any bus) -- but configfs uses the same name for all the
drivers it registers: "configfs-gadget".
I had to adjust a couple of drivers to avoid this problem. See for
example commit f2d8c2606825 ("usb: gadget: Fix non-unique driver names
in raw-gadget driver"). You could use that as a model for changing
configfs.c.
Alan Stern
Powered by blists - more mailing lists