lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:	Mon, 24 Mar 2014 21:57:16 +0100
From:	Christoph Paasch <christoph.paasch@...ouvain.be>
To:	Jeff Kirsher <jeffrey.t.kirsher@...el.com>
Cc:	"davem@...emloft.net" <davem@...emloft.net>,
	"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
	"gospo@...hat.com" <gospo@...hat.com>,
	"sassmann@...hat.com" <sassmann@...hat.com>,
	Carolyn Wyborny <carolyn.wyborny@...el.com>
Subject: Re: [net-next 15/16] igb: Fix Null-pointer dereference in
 igb_reset_q_vector

On 24/03/14 - 20:49:30, Jeff Kirsher wrote:
> On Sun, 2014-03-23 at 15:31 +0100, Christoph Paasch wrote:
> > On 21/03/14 - 12:10:05, Jeff Kirsher wrote:
> > > From: Christoph Paasch <christoph.paasch@...ouvain.be>
> > > 
> > > When igb_set_interrupt_capability() calls
> > > igb_reset_interrupt_capability() (e.g., because CONFIG_PCI_MSI is
> > unset),
> > > num_q_vectors has been set but no vector has yet been allocated.
> > > 
> > > igb_reset_interrupt_capability() will then call igb_reset_q_vector,
> > > which assumes that the vector is allocated. As this is not the case,
> > we
> > > are accessing a NULL-pointer.
> > > 
> > > This patch fixes it by checking that q_vector is indeed different
> > from
> > > NULL.
> > > 
> > > Fixes: 02ef6e1d0b0023 (igb: Fix queue allocation method to
> > accommodate changing during runtime)
> > > Cc: Carolyn Wyborny <carolyn.wyborny@...el.com>
> > > Signed-off-by: Christoph Paasch <christoph.paasch@...ouvain.be>
> > > Tested-by: Jeff Pieper <jeffrey.e.pieper@...el.com>
> > > Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@...el.com>
> > 
> > Hello Jeff,
> > 
> > shouldn't this one rather be for 'net' instead of 'net-next'? Because
> > 02ef6e1d0b0023 is part of 3.14-rc1.
> 
> Yes, but being that it is late in the -rcX cycle and 3.14 is expected to
> be released anytime now, it was not prudent to try and push this in
> right before the window closes.  It is better to have -stable pick this
> up once Linus releases 3.14.  Same goes for your other patch.
> 
> So once Linus releases 3.14 and Linus merges in Dave's net-next tree for
> 3.15, I will notify the stable maintainers that your 2 patches need to
> be picked up for 3.14.x stable trees.

Ok, fair enough.


Cheers,
Christoph

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists