From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.5 required=3.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 652F4C43461 for ; Mon, 7 Sep 2020 05:47:37 +0000 (UTC) Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id F26A72137B for ; Mon, 7 Sep 2020 05:47:36 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=kernel.org header.i=@kernel.org header.b="rENsCMts" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org F26A72137B Authentication-Results: mail.kernel.org; dmarc=pass (p=none dis=none) header.from=linuxfoundation.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=linux-kernel-mentees-bounces@lists.linuxfoundation.org Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id B4A812047B; Mon, 7 Sep 2020 05:47:36 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id utxIvasrcg57; Mon, 7 Sep 2020 05:47:35 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by silver.osuosl.org (Postfix) with ESMTP id 987D22026D; Mon, 7 Sep 2020 05:47:35 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 89528C0052; Mon, 7 Sep 2020 05:47:35 +0000 (UTC) Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id 6C12BC0051 for ; Mon, 7 Sep 2020 05:47:33 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id 617518702D for ; Mon, 7 Sep 2020 05:47:33 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PDj86aATvpIT for ; Mon, 7 Sep 2020 05:47:33 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by hemlock.osuosl.org (Postfix) with ESMTPS id F24C58702C for ; Mon, 7 Sep 2020 05:47:32 +0000 (UTC) Received: from localhost (83-86-74-64.cable.dynamic.v4.ziggo.nl [83.86.74.64]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 03DB820732; Mon, 7 Sep 2020 05:47:31 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1599457652; bh=a5/cEIfWcSChJxUlNOZzqt8Opy8n1npVY2hwYGW1gGU=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=rENsCMts3CvNXOxvQBkjMQXGS5wtwS44RE0bhwLam9rSZ+OsWVcRPdF7G58SeUhV0 2ntcJk2vA/cIz9Y/3pBEQuJ9NN8v/Bir93iVS+w24XHg66aLFcm0+LB63plNIdEhtB MEf0R+O/LZnf08NcwP6Im3nD7uQk4E2g5ZC32cJ8= Date: Mon, 7 Sep 2020 07:47:29 +0200 From: Greg Kroah-Hartman To: Anant Thazhemadam Message-ID: <20200907054729.GA280798@kroah.com> References: <20200906201158.14014-1-anant.thazhemadam@gmail.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20200906201158.14014-1-anant.thazhemadam@gmail.com> Cc: Jean-Philippe Brucker , Joerg Roedel , Saravana Kannan , "Rafael J. Wysocki" , linux-kernel@vger.kernel.org, Bartosz Golaszewski , syzbot+b8639c8dcb5ec4483d4f@syzkaller.appspotmail.com, Dan Williams , linux-kernel-mentees@lists.linuxfoundation.org Subject: Re: [Linux-kernel-mentees] [PATCH] block : Fix use-after-free Read in delete_partition X-BeenThere: linux-kernel-mentees@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: linux-kernel-mentees-bounces@lists.linuxfoundation.org Sender: "Linux-kernel-mentees" On Mon, Sep 07, 2020 at 01:41:56AM +0530, Anant Thazhemadam wrote: > A use-after-free read of the kobject member being casted out to the > device structure containing it seems to be potentially possible > due to unsafe casting using container_of (since an edge case such > as when the ptr being casted might be NULL or problematic is not > accounted for). > Using container_of_safe resolves this issue, with no obvious tradeoffs > and without considerable expense. No, now every caller has to check for NULL, and that would mean that you now need to fix up hundreds of different places in the kernel. Please fix the root cause that would cause NULL to be passed to this call in the block code, don't paper over the issue here. thanks, greg k-h _______________________________________________ Linux-kernel-mentees mailing list Linux-kernel-mentees@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/linux-kernel-mentees