| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <537e4ef5-6daa-a95d-e004-5700a8533f04@brocade.com>
Date: Tue, 24 Jan 2017 16:26:21 +0000
From: Robert Shearman <rshearma@...cade.com>
To: David Miller <davem@...emloft.net>
CC: <netdev@...r.kernel.org>, <tom@...bertland.com>,
<roopa@...ulusnetworks.com>, <david.lebrun@...ouvain.be>,
<tgraf@...g.ch>, <dsa@...ulusnetworks.com>
Subject: Re: [PATCH net v2 2/2] lwtunnel: Fix oops on state free after encap
module unload
On 23/01/17 20:42, David Miller wrote:
> From: Robert Shearman <rshearma@...cade.com>
> Date: Sat, 21 Jan 2017 00:21:26 +0000
>
>> @@ -115,8 +115,12 @@ int lwtunnel_build_state(struct net_device *dev, u16 encap_type,
>> ret = -EOPNOTSUPP;
>> rcu_read_lock();
>
> Here 'ret' equals -EOPNOTSUPP
>
>> ops = rcu_dereference(lwtun_encaps[encap_type]);
>> - if (likely(ops && ops->build_state))
>> - ret = ops->build_state(dev, encap, family, cfg, lws);
>> + if (likely(ops)) {
>> + if (likely(try_module_get(ops->owner) && ops->build_state))
>> + ret = ops->build_state(dev, encap, family, cfg, lws);
>> + if (ret)
>> + module_put(ops->owner);
>
> If try_module_get() fails, 'ret' will still be -EOPNOTSUPP and we will
> module_put() on a module we did not grab a reference to.
>
> I think you need to adjust the logic here. You only want to 'put' if
> try_module_get() succeeds and ->build_state() returns an error.
Indeed, good point. Will address in a v3 shortly.
Thanks,
Rob
Powered by blists - more mailing lists