lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 22 May 2024 21:46:22 +0200
From: Javier Carrasco <javier.carrasco.cruz@...il.com>
To: Guenter Roeck <linux@...ck-us.net>,
 Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
 "Rafael J. Wysocki" <rafael@...nel.org>,
 Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
 Daniel Scally <djrscally@...il.com>,
 Heikki Krogerus <heikki.krogerus@...ux.intel.com>,
 Sakari Ailus <sakari.ailus@...ux.intel.com>, Jean Delvare
 <jdelvare@...e.com>, Antoniu Miclaus <antoniu.miclaus@...log.com>,
 Jonathan Cameron <jic23@...nel.org>
Cc: linux-acpi@...r.kernel.org, linux-kernel@...r.kernel.org,
 linux-hwmon@...r.kernel.org
Subject: Re: [PATCH 2/2] hwmon: (ltc2992) use
 fwnode_for_each_available_child_node_scoped()

On 22/05/2024 21:08, Guenter Roeck wrote:
> On 5/22/24 02:18, Javier Carrasco wrote:
>> The error path from a zero value of the "shunt-resistor-micro-ohms"
>> property does not decrement the refcount of the child node.
>>
>> Instead of adding the missing fwnode_handle_put(), a safer fix for
>> future modifications is using the _scoped version of the macro,
>> which removes the need for fwnode_handle_put() in all error paths.
>>
>> The macro defines the child node internally, which removes the need for
>> the current child node declaration as well.
>>
>> Fixes: 10b029020487 ("hwmon: (ltc2992) Avoid division by zero")
>> Signed-off-by: Javier Carrasco <javier.carrasco.cruz@...il.com>
> 
> I really don't like fixes which depend on an API change.
> 
> Guenter
> 

We could split the fix into two steps as suggested by Andy, where the
fix would simply add the missing fwnode_handle_put(), adding the
corresponding tag to include it in the stable kernels (the bug was
introduced with v6.7). By doing that, the new macro would not need to be
backported, which is probably a safer approach.

The patch with the new macro would be left as it is, and another patch
would convert the the loop to use the new macro to avoid that a similar
bug arises again. That would be this 2/2 + dropping the additional
fwnode_handle_put().

Best regards,
Javier Carrasco

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ