| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20221123182034.3914e03a@kernel.org>
Date: Wed, 23 Nov 2022 18:20:34 -0800
From: Jakub Kicinski <kuba@...nel.org>
To: Yang Yingliang <yangyingliang@...wei.com>
Cc: Leon Romanovsky <leon@...nel.org>, <netdev@...r.kernel.org>,
<jiri@...dia.com>, <davem@...emloft.net>, <edumazet@...gle.com>,
<pabeni@...hat.com>
Subject: Re: [PATCH net] net: devlink: fix UAF in
devlink_compat_running_version()
On Wed, 23 Nov 2022 14:40:24 +0800 Yang Yingliang wrote:
> > if (err)
> > - goto err_dl_unregister;
> > + goto err_resource_unregister;
> > nsim_devlink_set_params_init_values(nsim_dev, devlink);
> >
> > + /* here, because params API still expect devlink to be unregistered */
> > + devl_register(devlink);
> > +
> devlink_set_features() called at last in probe() also needs devlink is
> not registered.
You can move the devlink_set_features() up. It's also a leftover,
it was preventing reload from happening before probe has finished.
Now the instance is locked until probe is done so there is no race.
Powered by blists - more mailing lists