lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 18 Dec 2019 11:58:24 -0800 (PST)
From:   David Miller <davem@...emloft.net>
To:     baijiaju1990@...il.com
Cc:     gregkh@...uxfoundation.org, tglx@...utronix.de,
        allison@...utok.net, alexios.zavras@...el.com,
        alexandru.ardelean@...log.com, albin_yang@....com,
        dan.carpenter@...cle.com, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] net: nfc: nci: fix a possible sleep-in-atomic-context
 bug in nci_uart_tty_receive()

From: Jia-Ju Bai <baijiaju1990@...il.com>
Date: Wed, 18 Dec 2019 17:21:55 +0800

> The kernel may sleep while holding a spinlock.
> The function call path (from bottom to top) in Linux 4.19 is:
> 
> net/nfc/nci/uart.c, 349: 
> 	nci_skb_alloc in nci_uart_default_recv_buf
> net/nfc/nci/uart.c, 255: 
> 	(FUNC_PTR)nci_uart_default_recv_buf in nci_uart_tty_receive
> net/nfc/nci/uart.c, 254: 
> 	spin_lock in nci_uart_tty_receive
> 
> nci_skb_alloc(GFP_KERNEL) can sleep at runtime.
> (FUNC_PTR) means a function pointer is called.
> 
> To fix this bug, GFP_KERNEL is replaced with GFP_ATOMIC for
> nci_skb_alloc().
> 
> This bug is found by a static analysis tool STCheck written by myself.
> 
> Signed-off-by: Jia-Ju Bai <baijiaju1990@...il.com>

Applied and queued up for -stable, thanks.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ