| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20170131211717.GB21758@roeck-us.net>
Date: Tue, 31 Jan 2017 13:17:17 -0800
From: Guenter Roeck <linux@...ck-us.net>
To: Eric Dumazet <eric.dumazet@...il.com>
Cc: "David S . Miller" <davem@...emloft.net>,
linux-usb@...r.kernel.org, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org, Hayes Wang <hayeswang@...ltek.com>
Subject: Re: [PATCH] r8152: Allocate interrupt buffer as part of struct r8152
On Tue, Jan 31, 2017 at 11:53:31AM -0800, Eric Dumazet wrote:
> On Tue, 2017-01-31 at 11:06 -0800, Guenter Roeck wrote:
> > When unloading the r8152 driver using the 'unbind' sysfs attribute
> > in a system with KASAN enabled, the following error message is seen
> > on a regular basis.
>
> >
> > static int alloc_all_mem(struct r8152 *tp)
> > @@ -1423,10 +1420,6 @@ static int alloc_all_mem(struct r8152 *tp)
> > if (!tp->intr_urb)
> > goto err1;
> >
> > - tp->intr_buff = kmalloc(INTBUFSIZE, GFP_KERNEL);
> > - if (!tp->intr_buff)
> > - goto err1;
> > -
> > tp->intr_interval = (int)ep_intr->desc.bInterval;
> > usb_fill_int_urb(tp->intr_urb, tp->udev, usb_rcvintpipe(tp->udev, 3),
> > tp->intr_buff, INTBUFSIZE, intr_callback,
>
> This might lead to intr_buff being backed by vzalloc() instead of
> kzalloc() (check alloc_netdev_mqs())
>
> It looks like it could cause a bug.
>
I also strongly suspect that it just fixes the symptom, but not the root cause
of the problem.
Thanks,
Guenter
Powered by blists - more mailing lists