| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 3 Jun 2024 10:43:55 +0800
From: Ming Lei <ming.lei@...hat.com>
To: Li Nan <linan666@...weicloud.com>
Cc: axboe@...nel.dk, ZiyangZhang@...ux.alibaba.com, czhong@...hat.com,
linux-block@...r.kernel.org, linux-kernel@...r.kernel.org,
yukuai3@...wei.com, yi.zhang@...wei.com, houtao1@...wei.com,
yangerkun@...wei.com
Subject: Re: [PATCH] ublk_drv: fix NULL pointer dereference in
ublk_ctrl_start_recovery()
On Mon, Jun 03, 2024 at 10:19:50AM +0800, Li Nan wrote:
>
>
> 在 2024/6/3 8:39, Ming Lei 写道:
>
> [...]
>
> > > diff --git a/drivers/block/ublk_drv.c b/drivers/block/ublk_drv.c
> > > index 4e159948c912..99b621b2d40f 100644
> > > --- a/drivers/block/ublk_drv.c
> > > +++ b/drivers/block/ublk_drv.c
> > > @@ -2630,7 +2630,8 @@ static void ublk_queue_reinit(struct ublk_device *ub, struct ublk_queue *ubq)
> > > {
> > > int i;
> > > - WARN_ON_ONCE(!(ubq->ubq_daemon && ubq_daemon_is_dying(ubq)));
> > > + if (WARN_ON_ONCE(!(ubq->ubq_daemon && ubq_daemon_is_dying(ubq))))
> > > + return;
> >
> > Yeah, it is one bug. However, it could be addressed by adding the check in
> > ublk_ctrl_start_recovery() and return immediately in case of NULL ubq->ubq_daemon,
> > what do you think about this way?
> >
>
> Check ub->nr_queues_ready seems better. How about:
>
> @@ -2662,6 +2662,8 @@ static int ublk_ctrl_start_recovery(struct ublk_device
> *ub,
> mutex_lock(&ub->mutex);
> if (!ublk_can_use_recovery(ub))
> goto out_unlock;
> + if (!ub->nr_queues_ready)
> + goto out_unlock;
Looks fine:
Reviewed-by: Ming Lei <ming.lei@...hat.com>
Thanks,
Ming
Powered by blists - more mailing lists