lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAKgT0UdvnjZo6pNtnZuDFuOQ9Hg=BCeJOAiToS_CFSwpKD8LWA@mail.gmail.com>
Date: Tue, 22 Oct 2024 10:25:05 -0700
From: Alexander Duyck <alexander.duyck@...il.com>
To: Simon Horman <horms@...nel.org>
Cc: Yuan Can <yuancan@...wei.com>, anthony.l.nguyen@...el.com, 
	przemyslaw.kitszel@...el.com, andrew+netdev@...n.ch, davem@...emloft.net, 
	edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com, cramerj@...el.com, 
	shannon.nelson@....com, mitch.a.williams@...el.com, jgarzik@...hat.com, 
	auke-jan.h.kok@...el.com, intel-wired-lan@...ts.osuosl.org, 
	netdev@...r.kernel.org
Subject: Re: [PATCH] igb: Fix potential invalid memory access in igb_init_module()

On Tue, Oct 22, 2024 at 8:56 AM Simon Horman <horms@...nel.org> wrote:
>
> + Alexander Duyck
>
> On Tue, Oct 22, 2024 at 02:38:07PM +0800, Yuan Can wrote:
> > The pci_register_driver() can fail and when this happened, the dca_notifier
> > needs to be unregistered, otherwise the dca_notifier can be called when
> > igb fails to install, resulting to invalid memory access.
> >
> > Fixes: fe4506b6a2f9 ("igb: add DCA support")
>
> I don't think this problem was introduced by the commit cited above,
> as it added the call to dca_unregister_notify() before
> pci_register_driver(). But rather by the commit cited below which reversed
> the order of these function calls.
>
> bbd98fe48a43 ("igb: Fix DCA errors and do not use context index for 82576")
>
> I'm unsure if it is necessary to repost the patch to address that.
> But if you do, and assuming we are treating this as a bug fix,
> please target it for the net (or iwl-net) tree like this:
>
> Subject: [PATCH net v2] ...
>
> > Signed-off-by: Yuan Can <yuancan@...wei.com>
> > ---
> >  drivers/net/ethernet/intel/igb/igb_main.c | 4 ++++
> >  1 file changed, 4 insertions(+)
> >
> > diff --git a/drivers/net/ethernet/intel/igb/igb_main.c b/drivers/net/ethernet/intel/igb/igb_main.c
> > index f1d088168723..18284a838e24 100644
> > --- a/drivers/net/ethernet/intel/igb/igb_main.c
> > +++ b/drivers/net/ethernet/intel/igb/igb_main.c
> > @@ -637,6 +637,10 @@ static int __init igb_init_module(void)
> >       dca_register_notify(&dca_notifier);
> >  #endif
> >       ret = pci_register_driver(&igb_driver);
> > +#ifdef CONFIG_IGB_DCA
> > +     if (ret)
> > +             dca_unregister_notify(&dca_notifier);
> > +#endif
> >       return ret;
> >  }
> >

Makes sense to me. I agree on the "Fix DCA errors" patch being the one
that is being fixed. So essentially this is a notifier leak since we
are registering it but not unregistering.

Thanks,

- Alex

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ