Hi Mauro,
With the syscall bpf(BPF_PROG_ATTACH), a bpf program can be attached to a
lirc device; that should increase the refcount so that the program is not
freed. However, when we detach the bpf program, we don't decrease the
refcount, so the bpf program will never be freed.
Tested with kasan and ubsan. The list of bpf programs can be using the
bpftool (in the kernel tree), command line "bpftool prog list".
Thanks,
Sean
The following changes since commit 0ca54b29054151b7a52cbb8904732280afe5a302:
media: rc: be less noisy when driver misbehaves (2018-06-27 10:03:45 -0400)
are available in the Git repository at:
git://linuxtv.org/syoung/media_tree.git for-v4.18f
for you to fetch changes up to ff003645581b1ee4a0ac80fefdc262a5933b7007:
media: bpf: ensure bpf program is freed on detach (2018-07-04 20:48:29 +0100)
----------------------------------------------------------------
Sean Young (1):
media: bpf: ensure bpf program is freed on detach
drivers/media/rc/bpf-lirc.c | 1 +
1 file changed, 1 insertion(+)
