lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <941c7920a7d07496222e6e93cb338ca6df38dc33.camel@linaro.org>
Date: Thu, 16 Jan 2025 11:30:43 +0000
From: André Draszik <andre.draszik@...aro.org>
To: Alim Akhtar <alim.akhtar@...sung.com>, Avri Altman
 <avri.altman@....com>,  Bart Van Assche <bvanassche@....org>, "James E.J.
 Bottomley" <James.Bottomley@...senPartnership.com>, "Martin K. Petersen"
 <martin.petersen@...cle.com>, Peter Griffin <peter.griffin@...aro.org>,
 Krzysztof Kozlowski <krzk@...nel.org>, Manivannan Sadhasivam
 <manivannan.sadhasivam@...aro.org>,  Mike Snitzer <snitzer@...hat.com>,
 Jens Axboe <axboe@...nel.dk>, Ulf Hansson <ulf.hansson@...aro.org>,  Eric
 Biggers <ebiggers@...gle.com>
Cc: Tudor Ambarus <tudor.ambarus@...aro.org>, Will McVicker
 <willmcvicker@...gle.com>, kernel-team@...roid.com,
 linux-scsi@...r.kernel.org,  linux-kernel@...r.kernel.org,
 linux-samsung-soc@...r.kernel.org,  linux-arm-kernel@...ts.infradead.org,
 linux-arm-msm@...r.kernel.org,  stable@...r.kernel.org
Subject: Re: [PATCH v3] scsi: ufs: fix use-after free in init error and
 remove paths

On Thu, 2025-01-16 at 11:18 +0000, André Draszik wrote:
> Changes in v2:
> - completely new approach using devres action for Scsi_host cleanup, to
>   ensure ordering

Just repeating this again due to updated recipients list:

This new approach now means that Scsi_host cleanup (scsi_host_put)
happens after ufshcd's hba->dev cleanup and I am not sure if this
approach has wider implications (in particular if there is any
underlying assumption or requirement for the Scsi_host device to
clean up before the ufshcd device).

Simple testing using a few iteration of manual module bind/unbind
worked, as did the error handling / cleanup during init. But I'm
not sure if that is sufficient testing for the changed release
ordering.

Cheers,
Andre'

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ