| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <TYUPR06MB6217877B31A08356241CAB38D2812@TYUPR06MB6217.apcprd06.prod.outlook.com> Date: Fri, 16 Aug 2024 14:19:58 +0000 From: 胡连勤 <hulianqin@...o.com> To: Michael Nazzareno Trimarchi <michael@...rulasolutions.com> CC: "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>, "quic_prashk@...cinc.com" <quic_prashk@...cinc.com>, "quic_jjohnson@...cinc.com" <quic_jjohnson@...cinc.com>, "linux-usb@...r.kernel.org" <linux-usb@...r.kernel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, opensource.kernel <opensource.kernel@...o.com>, "akpm@...ux-foundation.org" <akpm@...ux-foundation.org> Subject: 答复: [PATCH v1] usb: gadget: u_serial: check Null pointer in EP callback Hello linux community expert: > > Q: Are you running a mainline kernel? > > A: Yes. > > You should reply without top posting (refer to [1]). I'm trying to be helpful to you but it's not easy. The question was if your on some 6.10.y or older version of the kernel, the step to reproduce it, and if you have any automation to test it The kernel version that has the problem is 5.15. To reproduce, turn on the combination mode of the mobile phone USB, such as adb+diag+serial_tty+rmnet_ipa+serial_cdev when running the monkey test. > [1] https://subspace.kernel.org/etiquette.html Thanks > -----邮件原件----- > 发件人: Michael Nazzareno Trimarchi <michael@...rulasolutions.com> > 发送时间: 2024年8月16日 20:17 > 收件人: gregkh@...uxfoundation.org > 抄送: 胡连勤 <hulianqin@...o.com>; quic_prashk@...cinc.com; > quic_jjohnson@...cinc.com; linux-usb@...r.kernel.org; > linux-kernel@...r.kernel.org; opensource.kernel > <opensource.kernel@...o.com>; akpm@...ux-foundation.org > 主题: Re: [PATCH v1] usb: gadget: u_serial: check Null pointer in EP > callback > > [你通常不会收到来自 michael@...rulasolutions.com 的电子邮件。请访问 > https://aka.ms/LearnAboutSenderIdentification,以了解这一点为什么很重要] > > Hi Lianqin Hu > > On Fri, Aug 16, 2024 at 1:58 PM gregkh@...uxfoundation.org <gregkh@...uxfoundation.org> wrote: > > > > On Fri, Aug 16, 2024 at 11:21:24AM +0000, 胡连勤 wrote: > > > From: Lianqin Hu <hulianqin@...o.com> > > > > > > Added null pointer check to avoid system crash. > > > > > > Unable to handle kernel NULL pointer dereference at virtual > > > address > > > 00000000000001a8 pc : gs_read_complete+0x58/0x240 lr : > > > usb_gadget_giveback_request+0x40/0x160 > > > sp : ffffffc00f1539c0 > > > x29: ffffffc00f1539c0 x28: ffffff8002a30000 x27: 0000000000000000 > > > x26: ffffff8002a30000 x25: 0000000000000000 x24: ffffff8002a30000 > > > x23: ffffff8002ff9a70 x22: ffffff898e7a7b00 x21: ffffff803c9af9d8 > > > x20: ffffff898e7a7b00 x19: 00000000000001a8 x18: ffffffc0099fd098 > > > x17: 0000000000001000 x16: 0000000080000000 x15: 0000000ac1200000 > > > x14: 0000000000000003 x13: 000000000000d5e8 x12: 0000000355c314ac > > > x11: 0000000000000015 x10: 0000000000000012 x9 : 0000000000000008 > > > x8 : 0000000000000000 x7 : 0000000000000000 x6 : ffffff887cd12000 > > > x5 : 0000000000000002 x4 : ffffffc00f9b07f0 x3 : ffffffc00f1538d0 > > > x2 : 0000000000000001 x1 : 0000000000000000 x0 : 00000000000001a8 > > > Call trace: > > > gs_read_complete+0x58/0x240 > > > usb_gadget_giveback_request+0x40/0x160 > > > dwc3_remove_requests+0x170/0x484 > > > dwc3_ep0_out_start+0xb0/0x1d4 > > > __dwc3_gadget_start+0x25c/0x720 > > > kretprobe_trampoline.cfi_jt+0x0/0x8 > > > kretprobe_trampoline.cfi_jt+0x0/0x8 > > > udc_bind_to_driver+0x1d8/0x300 > > > usb_gadget_probe_driver+0xa8/0x1dc > > Are you running a mainline kernel? > > Michael > > > > gadget_dev_desc_UDC_store+0x13c/0x188 > > > configfs_write_iter+0x160/0x1f4 > > > vfs_write+0x2d0/0x40c > > > ksys_write+0x7c/0xf0 > > > __arm64_sys_write+0x20/0x30 > > > invoke_syscall+0x60/0x150 > > > el0_svc_common+0x8c/0xf8 > > > do_el0_svc+0x28/0xa0 > > > el0_svc+0x24/0x84 > > > el0t_64_sync_handler+0x88/0xec > > > el0t_64_sync+0x1b4/0x1b8 > > > Code: aa1f03e1 aa1303e0 52800022 2a0103e8 (88e87e62) ---[ end > > > trace > > > 938847327a739172 ]--- Kernel panic - not syncing: Oops: Fatal > > > exception > > > > > > Signed-off-by: Lianqin Hu <hulianqin@...o.com> > > > --- > > > v1: > > > - Optimize code comments, delete log printing > > > > This is "v2" not "v1". > > > > Also, same comment as before, what: > > - causes port to be NULL > > - prevents it from changing to NULL right after you check it > > > > Both need to be answered before we can take this change. > > > > thanks, > > > > greg k-h > > > > > -- > Michael Nazzareno Trimarchi > Co-Founder & Chief Executive Officer > M. +39 347 913 2170 > michael@...rulasolutions.com > __________________________________ > > Amarula Solutions BV > Joop Geesinkweg 125, 1114 AB, Amsterdam, NL T. +31 (0)85 111 9172 > info@...rulasolutions.com > http://www.a/ > marulasolutions.com%2F&data=05%7C02%7Chulianqin%40vivo.com%7C5d9253962 > ca944a053e008dcbdf8b380%7C923e42dc48d54cbeb5821a797a6412ed%7C0%7C0%7C6 > 38594123095654428%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoi > V2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=bGLICbqT4vjx > P22RIGujazq2N2AbsLAgdni80q%2BauaE%3D&reserved=0 -- Michael Nazzareno Trimarchi Co-Founder & Chief Executive Officer M. +39 347 913 2170 michael@...rulasolutions.com __________________________________ Amarula Solutions BV Joop Geesinkweg 125, 1114 AB, Amsterdam, NL T. +31 (0)85 111 9172 info@...rulasolutions.com http://www.amarulasolutions.com/
Powered by blists - more mailing lists