lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Fri, 30 May 2008 00:15:33 -0400
From:	Michael Wu <flamingice@...rmilk.net>
To:	Oliver Neukum <oliver@...kum.org>
Cc:	linux-wireless@...r.kernel.org, netdev@...r.kernel.org,
	linux-usb@...r.kernel.org, Andrea Merello <andreamrl@...cali.it>
Subject: Re: race between rtl8187_stop and rtl8187_rx_cb?

On Friday 16 May 2008 16:01:06 Oliver Neukum wrote:
> rtl8187_stop() works by emptying a queue and unlinking urbs. But
> an urb finishing will be taken from the queue in rtl8187_rx_cb until
> it is resubmitted. Am I overlooking something or is there a window?
>
It appears that if you're unlucky, a rx urb can end up getting requeued after 
the dequeue loop in rtl8187_stop on a SMP system. Good catch. Doesn't look 
like it'll cause much trouble other than leaving urbs/skbs unfreed when the 
interface is down, but it's worth fixing. This requires information about 
whether or not the interface is started or stopped. Preferred way would be to 
set priv->mode = IEEE80211_IF_TYPE_INVALID in rtl8187_stop and priv->mode = 
IEEE80211_IF_TYPE_MNTR in rtl8187_start, so we can check for priv->mode == 
IEEE80211_IF_TYPE_INVALID before requeueing the urb in rtl8187_rx_cb. 

Thanks,
-Michael Wu

Download attachment "signature.asc " of type "application/pgp-signature" (195 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ