* [PATCH] Fix null pointer dereference caused by sysfs_notify on binary attribute
@ 2013-06-06 9:45 Nick Dyer
2013-06-06 15:26 ` Greg KH
2013-06-06 19:37 ` [PATCH] sysfs: " Greg KH
0 siblings, 2 replies; 5+ messages in thread
From: Nick Dyer @ 2013-06-06 9:45 UTC (permalink / raw)
To: gregkh; +Cc: linux-kernel, Nick Dyer
It would be nice to have this work as expected but for now this is a minimal
fix to prevent the kernel panic.
Signed-off-by: Nick Dyer <nick.dyer@itdev.co.uk>
---
fs/sysfs/file.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/fs/sysfs/file.c b/fs/sysfs/file.c
index 602f56d..976819b 100644
--- a/fs/sysfs/file.c
+++ b/fs/sysfs/file.c
@@ -449,10 +449,12 @@ void sysfs_notify_dirent(struct sysfs_dirent *sd)
spin_lock_irqsave(&sysfs_open_dirent_lock, flags);
- od = sd->s_attr.open;
- if (od) {
- atomic_inc(&od->event);
- wake_up_interruptible(&od->poll);
+ if (sd->s_attr) {
+ od = sd->s_attr.open;
+ if (od) {
+ atomic_inc(&od->event);
+ wake_up_interruptible(&od->poll);
+ }
}
spin_unlock_irqrestore(&sysfs_open_dirent_lock, flags);
--
1.7.10.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH] Fix null pointer dereference caused by sysfs_notify on binary attribute
2013-06-06 9:45 [PATCH] Fix null pointer dereference caused by sysfs_notify on binary attribute Nick Dyer
@ 2013-06-06 15:26 ` Greg KH
2013-06-06 15:36 ` Nick Dyer
2013-06-06 19:37 ` [PATCH] sysfs: " Greg KH
1 sibling, 1 reply; 5+ messages in thread
From: Greg KH @ 2013-06-06 15:26 UTC (permalink / raw)
To: Nick Dyer; +Cc: linux-kernel
On Thu, Jun 06, 2013 at 10:45:20AM +0100, Nick Dyer wrote:
> It would be nice to have this work as expected but for now this is a minimal
> fix to prevent the kernel panic.
Is anyone calling sysfs_notify on a binary attribute today? Or can this
go into 3.11?
thanks,
greg k-h
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] Fix null pointer dereference caused by sysfs_notify on binary attribute
2013-06-06 15:26 ` Greg KH
@ 2013-06-06 15:36 ` Nick Dyer
0 siblings, 0 replies; 5+ messages in thread
From: Nick Dyer @ 2013-06-06 15:36 UTC (permalink / raw)
To: Greg KH; +Cc: linux-kernel
Greg KH wrote:
> On Thu, Jun 06, 2013 at 10:45:20AM +0100, Nick Dyer wrote:
>> It would be nice to have this work as expected but for now this is a minimal
>> fix to prevent the kernel panic.
>
> Is anyone calling sysfs_notify on a binary attribute today? Or can this
> go into 3.11?
Nope. I think I'm the first person to try it. So 3.11 is fine.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] sysfs: Fix null pointer dereference caused by sysfs_notify on binary attribute
2013-06-06 9:45 [PATCH] Fix null pointer dereference caused by sysfs_notify on binary attribute Nick Dyer
2013-06-06 15:26 ` Greg KH
@ 2013-06-06 19:37 ` Greg KH
2013-06-07 14:45 ` [PATCH V2] sysfs_notify is only possible on file attributes Nick Dyer
1 sibling, 1 reply; 5+ messages in thread
From: Greg KH @ 2013-06-06 19:37 UTC (permalink / raw)
To: Nick Dyer; +Cc: linux-kernel
On Thu, Jun 06, 2013 at 10:45:20AM +0100, Nick Dyer wrote:
> If sysfs_notify is called on a binary attribute, bad things can
> happen, so prevent it.
>
> Note, no in-kernel usage of this is currently present, but in the
> future, it's good to be safe.
>
> Signed-off-by: Nick Dyer <nick.dyer@itdev.co.uk>
> ---
> fs/sysfs/file.c | 10 ++++++----
> 1 file changed, 6 insertions(+), 4 deletions(-)
>
> diff --git a/fs/sysfs/file.c b/fs/sysfs/file.c
> index 602f56d..976819b 100644
> --- a/fs/sysfs/file.c
> +++ b/fs/sysfs/file.c
> @@ -449,10 +449,12 @@ void sysfs_notify_dirent(struct sysfs_dirent *sd)
>
> spin_lock_irqsave(&sysfs_open_dirent_lock, flags);
>
> - od = sd->s_attr.open;
> - if (od) {
> - atomic_inc(&od->event);
> - wake_up_interruptible(&od->poll);
> + if (sd->s_attr) {
> + od = sd->s_attr.open;
> + if (od) {
> + atomic_inc(&od->event);
> + wake_up_interruptible(&od->poll);
> + }
Please test build your patches, it makes kernel maintainers very grumpy
when you send them patches that are obviously broken :(
greg k-h
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH V2] sysfs_notify is only possible on file attributes
2013-06-06 19:37 ` [PATCH] sysfs: " Greg KH
@ 2013-06-07 14:45 ` Nick Dyer
0 siblings, 0 replies; 5+ messages in thread
From: Nick Dyer @ 2013-06-07 14:45 UTC (permalink / raw)
To: gregkh; +Cc: linux-kernel, Nick Dyer
If sysfs_notify is called on a binary attribute, bad things can
happen, so prevent it.
Note, no in-kernel usage of this is currently present, but in the
future, it's good to be safe.
Changes in V2:
- Also ignore sysfs_notify on dirs, links
- Use WARN_ON rather than silently failing
- Compiled and tested (huge apologies about first submission)
Signed-off-by: Nick Dyer <nick.dyer@itdev.co.uk>
---
fs/sysfs/file.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/fs/sysfs/file.c b/fs/sysfs/file.c
index 602f56d..d2bb7ed 100644
--- a/fs/sysfs/file.c
+++ b/fs/sysfs/file.c
@@ -449,10 +449,12 @@ void sysfs_notify_dirent(struct sysfs_dirent *sd)
spin_lock_irqsave(&sysfs_open_dirent_lock, flags);
- od = sd->s_attr.open;
- if (od) {
- atomic_inc(&od->event);
- wake_up_interruptible(&od->poll);
+ if (!WARN_ON(sysfs_type(sd) != SYSFS_KOBJ_ATTR)) {
+ od = sd->s_attr.open;
+ if (od) {
+ atomic_inc(&od->event);
+ wake_up_interruptible(&od->poll);
+ }
}
spin_unlock_irqrestore(&sysfs_open_dirent_lock, flags);
--
1.7.10.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
end of thread, other threads:[~2013-06-07 14:45 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-06-06 9:45 [PATCH] Fix null pointer dereference caused by sysfs_notify on binary attribute Nick Dyer
2013-06-06 15:26 ` Greg KH
2013-06-06 15:36 ` Nick Dyer
2013-06-06 19:37 ` [PATCH] sysfs: " Greg KH
2013-06-07 14:45 ` [PATCH V2] sysfs_notify is only possible on file attributes Nick Dyer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox