| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAAVpQUCQK6b7AEJE_U6Q9oCewFPpR=0smghi+swGw2s9uHsbPw@mail.gmail.com>
Date: Tue, 16 Sep 2025 23:56:29 -0700
From: Kuniyuki Iwashima <kuniyu@...gle.com>
To: Mahanta Jambigi <mjambigi@...ux.ibm.com>
Cc: "David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>,
Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, Simon Horman <horms@...nel.org>,
Kuniyuki Iwashima <kuni1840@...il.com>, netdev@...r.kernel.org,
syzbot+ea28e9d85be2f327b6c6@...kaller.appspotmail.com,
"D. Wythe" <alibuda@...ux.alibaba.com>, Dust Li <dust.li@...ux.alibaba.com>,
Sidraya Jayagond <sidraya@...ux.ibm.com>, Wenjia Zhang <wenjia@...ux.ibm.com>,
Tony Lu <tonylu@...ux.alibaba.com>, Wen Gu <guwen@...ux.alibaba.com>,
Ursula Braun <ubraun@...ux.ibm.com>, Hans Wippel <hwippel@...ux.ibm.com>
Subject: Re: [PATCH v2 net-next 1/7] smc: Fix use-after-free in __pnet_find_base_ndev().
On Tue, Sep 16, 2025 at 11:52 PM Mahanta Jambigi <mjambigi@...ux.ibm.com> wrote:
>
> On 17/09/25 3:17 am, Kuniyuki Iwashima wrote:
> > + dst = __sk_dst_get(sk);
> > + dev = dst ? dst_dev_rcu(dst) : NULL;
> > + dev_hold(dev);
>
> We should hold the reference to dev only if it's non-NULL(although
> netdev_hold() has this sanity check), as we are doing the same while
> releasing the reference to dev in below code:
dev_hold() must be done under RCU.
>
> if(dev) {
> smc_pnet_find_roce_by_pnetid(dev, ini);
> dev_put(dev);
> }
>
> Same applies to changes in smc_pnet_find_ism_resource().
Powered by blists - more mailing lists