| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 17 Apr 2023 09:46:33 +0200
From: Lukas Wunner <lukas@...ner.de>
To: Niklas Schnelle <schnelle@...ux.ibm.com>
Cc: Bjorn Helgaas <bhelgaas@...gle.com>,
Gerd Bayer <gbayer@...ux.ibm.com>,
Matthew Rosato <mjrosato@...ux.ibm.com>,
linux-s390@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-pci@...r.kernel.org, Andy Shevchenko <andy@...nel.org>
Subject: Re: [PATCH v2 1/4] PCI: s390: Fix use-after-free of PCI resources
with per-function hotplug
On Mon, Mar 06, 2023 at 04:10:11PM +0100, Niklas Schnelle wrote:
> --- a/drivers/pci/bus.c
> +++ b/drivers/pci/bus.c
> @@ -76,6 +76,27 @@ struct resource *pci_bus_resource_n(const struct pci_bus *bus, int n)
> }
> EXPORT_SYMBOL_GPL(pci_bus_resource_n);
>
> +void pci_bus_remove_resource(struct pci_bus *bus, struct resource *res)
> +{
> + struct pci_bus_resource *bus_res, *tmp;
> + int i;
> +
> + for (i = 0; i < PCI_BRIDGE_RESOURCE_NUM; i++) {
> + if (bus->resource[i] == res) {
> + bus->resource[i] = NULL;
> + return;
> + }
> + }
> +
> + list_for_each_entry_safe(bus_res, tmp, &bus->resources, list) {
> + if (bus_res->res == res) {
> + list_del(&bus_res->list);
> + kfree(bus_res);
> + return;
> + }
> + }
> +}
I realize this has already been applied so s390.git/master,
but nevertheless would like to point out there's a handy
pci_bus_for_each_resource() helper which could have been
used here instead of the for-loop.
Sorry for chiming in late, I just spotted this while flushing out
my inbox.
Adding Andy to cc: who's been active in this area recently.
Thanks,
Lukas
Powered by blists - more mailing lists