| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 4 Jun 2024 17:30:23 +0300
From: Imre Deak <imre.deak@...el.com>
To: Leon Romanovsky <leon@...nel.org>
Cc: Tejun Heo <tj@...nel.org>, Dan Williams <dan.j.williams@...el.com>,
Dave Jiang <dave.jiang@...el.com>,
Lai Jiangshan <jiangshanlai@...il.com>,
Zqiang <qiang.zhang1211@...il.com>, Gal Pressman <gal@...dia.com>,
Tariq Toukan <tariqt@...dia.com>,
RDMA mailing list <linux-rdma@...r.kernel.org>,
Hillf Danton <hdanton@...a.com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH -rc] workqueue: Reimplement UAF fix to avoid lockdep
worning
Hi,
[Sorry for the previous message, resending it now
with proper In-reply-to: header added.]
I see a similar issue, a corruption in the lock_keys_hash while
alloc_workqueue()->lockdep_register_key() iterates it, see [1] for the
stacktrace.
Not sure if related or even will solve [1], but [2] will revert
commit 7e89efc6e9e4 ("PCI: Lock upstream bridge for pci_reset_function()")
which does
lockdep_register_key(&dev->cfg_access_key);
in pci_device_add() and doesn't unregister the key when the pci device is
removed (and potentially freed); so basically 7e89efc6e9e4 was missing a
lockdep_unregister_key();
in pci_destroy_dev().
Based on the above I wonder if 7e89efc6e9e4 could also lead to the
corruption of lock_keys_hash after a pci device is removed.
--Imre
[1] https://intel-gfx-ci.01.org/tree/drm-tip/IGT_7875/bat-atsm-1/dmesg0.txt
[2] https://lore.kernel.org/all/171711746402.1628941.14575335981264103013.stgit@dwillia2-xfh.jf.intel.com/
Powered by blists - more mailing lists