| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20251217125746.19304-1-pioooooooooip@gmail.com>
Date: Wed, 17 Dec 2025 21:57:44 +0900
From: Qianchang Zhao <pioooooooooip@...il.com>
To: netdev@...r.kernel.org
Cc: linux-kernel@...r.kernel.org,
Krzysztof Kozlowski <krzk@...nel.org>,
Paolo Abeni <pabeni@...hat.com>,
Jakub Kicinski <kuba@...nel.org>,
"David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>,
Simon Horman <horms@...nel.org>,
stable@...r.kernel.org,
Qianchang Zhao <pioooooooooip@...il.com>
Subject: [PATCH v2 0/2] nfc: llcp: fix double put/unlock on LLCP_CLOSED in recv handlers
This series fixes a refcount/locking imbalance in NFC LLCP receive handlers
when the socket is already in LLCP_CLOSED.
nfc_llcp_recv_disc() used to perform release_sock()/nfc_llcp_sock_put() in the CLOSED
branch but did not exit, and then performed the same cleanup again on the common
exit path. Drop the redundant CLOSED-branch cleanup so the common exit path runs
it exactly once, while keeping the existing DM_DISC reply behavior.
nfc_llcp_recv_hdlc() performed the CLOSED cleanup but then continued processing
and later cleaned up again on the common exit path. Return immediately after the
CLOSED cleanup.
Changes in v2:
- Drop Reported-by tags
- Add missing Fixes tags
Build-tested with: make M=net/nfc (no NFC HW available for runtime testing).
Qianchang Zhao (2):
nfc: llcp: avoid double release/put on LLCP_CLOSED in
nfc_llcp_recv_disc()
nfc: llcp: stop processing on LLCP_CLOSED in nfc_llcp_recv_hdlc()
net/nfc/llcp_core.c | 6 +-----
1 file changed, 1 insertion(+), 5 deletions(-)
--
2.34.1
Powered by blists - more mailing lists