lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <2024110551-fiction-casket-7597@gregkh>
Date: Tue, 5 Nov 2024 10:44:46 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: Calvin Owens <calvin@...nvd.org>
Cc: Rodolfo Giometti <giometti@...eenne.com>,
	George Spelvin <linux@...izon.com>, linux-kernel@...r.kernel.org,
	stable@...r.kernel.org
Subject: Re: [PATCH v3] pps: Fix a use-after-free

On Mon, Nov 04, 2024 at 11:56:19PM -0800, Calvin Owens wrote:
> -	dev_info(pps->dev, "removed\n");
> +	dev_info(&pps->dev, "removed\n");

Nit, when drivers work properly,  they are quiet, no need for these
dev_info() calls.

>  static int pps_cdev_release(struct inode *inode, struct file *file)
>  {
> -	struct pps_device *pps = container_of(inode->i_cdev,
> -						struct pps_device, cdev);
> -	kobject_put(&pps->dev->kobj);
> +	struct pps_device *pps = file->private_data;
> +
> +	WARN_ON(pps->id != iminor(inode));

If this can happen, handle it and move on.  Don't just reboot the
machine if it's something that could be triggered (remember about
panic-on-warn systems.)

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ