| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <dbx8344flpbl.fsf@ynaffit-andsys.c.googlers.com>
Date: Thu, 08 Jan 2026 14:19:58 -0800
From: Tiffany Yang <ynaffit@...gle.com>
To: Lee Jones <lee@...nel.org>
Cc: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>, stable@...r.kernel.org,
pchelkin@...ras.ru, linux-kernel@...r.kernel.org, kernel-team@...roid.com,
Pavel Machek <pavel@....cz>, linux-leds@...r.kernel.org
Subject: Re: [PATCH 5.10,5.15,6.1,6.6 RESEND] leds: spi-byte: Initialize
device node before access
Lee Jones <lee@...nel.org> writes:
> On Fri, 02 Jan 2026, Andy Shevchenko wrote:
>> On Tue, Dec 30, 2025 at 04:45:11PM -0800, Tiffany Yang wrote:
>> > Commit 7f9ab862e05c ("leds: spi-byte: Call of_node_put() on error
>> path")
>> > was merged in 6.11 and then backported to stable trees through 5.10. It
>> > relocates the line that initializes the variable 'child' to a later
>> > point in spi_byte_probe().
>> >
>> > Versions < 6.9 do not have commit ccc35ff2fd29 ("leds: spi-byte: Use
>> > devm_led_classdev_register_ext()"), which removes a line that reads a
>> > property from 'child' before its new initialization point.
>> Consequently,
>> > spi_byte_probe() reads from an uninitialized device node in stable
>> > kernels 6.6-5.10.
>> I'm wondering if in long term the easier maintenance will be with that
>> patch
>> also being backported rather than this being applied.
> Works for me.
Makes sense to me too! Thanks everyone for taking a look, and thanks to
Fedor for originally suggesting this :)
--
Tiffany Y. Yang
Powered by blists - more mailing lists