lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 1 Feb 2023 08:06:31 +0300
From:   Dan Carpenter <error27@...il.com>
To:     Martin Kaiser <martin@...ser.cx>
Cc:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Larry Finger <Larry.Finger@...inger.net>,
        Phillip Potter <phil@...lpotter.co.uk>,
        Michael Straube <straube.linux@...il.com>,
        Pavel Skripkin <paskripkin@...il.com>,
        linux-staging@...ts.linux.dev, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] staging: r8188eu: fix NULL check for rcu pointer

On Tue, Jan 31, 2023 at 06:16:13PM +0100, Martin Kaiser wrote:
> Hello Greg and all,
> 
> Thus wrote Greg Kroah-Hartman (gregkh@...uxfoundation.org):
> 
> > On Tue, Jan 31, 2023 at 10:00:57AM +0100, Martin Kaiser wrote:
> > > Fix the NULL check for padapter->pnetdev->rx_handler_data.
> 
> > > The current code calls rcu_dereference while it holds the rcu read lock
> > > and checks the pointer after releasing the lock. An rcu pointer may only be
> > > used between calls to rcu_read_lock and rcu_read_unlock.
> 
> > > Replace the check with rcu_access_pointer. My understanding is that this
> > > function returns the value of the pointer and needs no locking. We can
> > > then check the pointer but we must not dereference it.
> 
> > > Signed-off-by: Martin Kaiser <martin@...ser.cx>
> 
> > What commit id does this fix?
> 
> the code that checks br_port has been around since the driver was
> imported into staging.
> 
> If the patch is considered as a fix, it should have
> 
> Fixes: 15865124feed ("staging: r8188eu: introduce new core dir for RTL8188eu driver")

I don't think it is a fix as we discuss later in the thread.

But if it were then it's still really useful to record that.  I normally
don't record when Fixes are from before the git era because one time,
ten years ago, one person said not to do that.  But really even there I
personally think Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") is useful.

It tells the tools how far to backport things.  It tells us if most of
our bugs come from the very start or if we're introducing them later.

regards,
dan carpenter

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ