On Thu, Mar 09, 2006 at 01:40:23AM -0800, Andrew Morton wrote:
> I assume this'll fix it?
>
> I suspect there's no point in the locking around that kobject_put() anyway.
> Or if there is, it wasn't the right way to fix the race.
>
> diff -puN drivers/misc/ibmasm/ibmasm.h~ibmasm-use-after-free-fix drivers/misc/ibmasm/ibmasm.h
> --- devel/drivers/misc/ibmasm/ibmasm.h~ibmasm-use-after-free-fix 2006-03-09 01:35:05.000000000 -0800
> +++ devel-akpm/drivers/misc/ibmasm/ibmasm.h 2006-03-09 01:35:16.000000000 -0800
> @@ -100,11 +100,7 @@ struct command {
>
> static inline void command_put(struct command *cmd)
> {
> - unsigned long flags;
> -
> - spin_lock_irqsave(cmd->lock, flags);
> kobject_put(&cmd->kobj);
> - spin_unlock_irqrestore(cmd->lock, flags);
> }
I don't think this is right. This is just a kobject-convoluted
use-after-free afaics.
Dave
--
http://www.codemonkey.org.uk
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
