lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 13 Mar 2017 08:44:09 -0700
From:   Eric Dumazet <eric.dumazet@...il.com>
To:     Petr Vorel <petr.vorel@...il.com>
Cc:     netdev@...r.kernel.org, hayeswang@...ltek.com, davem@...emloft.net
Subject: Re: [PATCH 1/1] r8152: fix NULL pointer dereference in r8152_poll

On Mon, 2017-03-13 at 16:37 +0100, Petr Vorel wrote:
> Hi Eric,
> 
> > > The proper work around is to enclose the napi_schedule() in a
> > > local_bh_enable()/local_bh_disable()  pair.
> 
> > Something like :
> > --- a/drivers/net/usb/r8152.c
> > +++ b/drivers/net/usb/r8152.c
> > @@ -3703,8 +3703,10 @@ static int rtl8152_resume(struct usb_interface *intf)
> >  			napi_enable(&tp->napi);
> >  			clear_bit(SELECTIVE_SUSPEND, &tp->flags);
> >  			smp_mb__after_atomic();
> > +			local_bh_disable();
> >  			if (!list_empty(&tp->rx_done))
> >  				napi_schedule(&tp->napi);
> > +			local_bh_enable();
> 
> Unfortunately this doesn't work. Code in r8152.c doesn't use
> local_bh_enable()/local_bh_disable(). I tried to lock it with
> spin_lock_bh()/spin_unlock_bh() and with mutex_lock()/mutex_unlock()
> but neither work.

The local_bh_disable() / local_bh_enable() definitely is the right
answer to the issue you described.

It does not matter what code in r8152.c currently does.

https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=8cf699ec849f4ca1413cea01289bd7d37dbcc626




Powered by blists - more mailing lists