Re: KASAN: use-after-free Write in snd_rawmidi_kernel_write1

2020-05-07 Thread Takashi Iwai
On Thu, 07 May 2020 12:42:27 +0200, Takashi Iwai wrote: > > On Thu, 07 May 2020 12:36:14 +0200, > Takashi Iwai wrote: > > > > On Thu, 07 May 2020 12:27:41 +0200, > > Amadeusz Sławiński wrote: > > > > > > So if I follow this correctly, you call spin_unlock_irqrestore twice > > > in case of

Re: KASAN: use-after-free Write in snd_rawmidi_kernel_write1

2020-05-07 Thread Greg Kroah-Hartman
On Thu, May 07, 2020 at 12:19:18PM +0200, Takashi Iwai wrote: > On Thu, 07 May 2020 12:13:10 +0200, > Greg Kroah-Hartman wrote: > > > > On Thu, May 07, 2020 at 11:56:22AM +0200, Takashi Iwai wrote: > > > On Thu, 07 May 2020 10:23:02 +0200, > > > Greg Kroah-Hartman wrote: > > > > > > > > On Thu,

Re: KASAN: use-after-free Write in snd_rawmidi_kernel_write1

2020-05-07 Thread Takashi Iwai
On Thu, 07 May 2020 12:36:14 +0200, Takashi Iwai wrote: > > On Thu, 07 May 2020 12:27:41 +0200, > Amadeusz Sławiński wrote: > > > > So if I follow this correctly, you call spin_unlock_irqrestore twice > > in case of error? > > Erm no, this is obviously wrong. The error path needs re-lock. >

Re: KASAN: use-after-free Write in snd_rawmidi_kernel_write1

2020-05-07 Thread Takashi Iwai
On Thu, 07 May 2020 12:27:41 +0200, Amadeusz Sławiński wrote: > > > > On 5/7/2020 11:56 AM, Takashi Iwai wrote: > > On Thu, 07 May 2020 10:23:02 +0200, > > Greg Kroah-Hartman wrote: > >> > >> On Thu, May 07, 2020 at 04:04:25PM +0800, butt3rflyh4ck wrote: > >>> I report a bug (in

Re: KASAN: use-after-free Write in snd_rawmidi_kernel_write1

2020-05-07 Thread Amadeusz Sławiński
On 5/7/2020 11:56 AM, Takashi Iwai wrote: On Thu, 07 May 2020 10:23:02 +0200, Greg Kroah-Hartman wrote: On Thu, May 07, 2020 at 04:04:25PM +0800, butt3rflyh4ck wrote: I report a bug (in linux-5.7-rc1) found by syzkaller. kernel config:

Re: KASAN: use-after-free Write in snd_rawmidi_kernel_write1

2020-05-07 Thread Takashi Iwai
On Thu, 07 May 2020 12:13:10 +0200, Greg Kroah-Hartman wrote: > > On Thu, May 07, 2020 at 11:56:22AM +0200, Takashi Iwai wrote: > > On Thu, 07 May 2020 10:23:02 +0200, > > Greg Kroah-Hartman wrote: > > > > > > On Thu, May 07, 2020 at 04:04:25PM +0800, butt3rflyh4ck wrote: > > > > I report a bug

Re: KASAN: use-after-free Write in snd_rawmidi_kernel_write1

2020-05-07 Thread Greg Kroah-Hartman
On Thu, May 07, 2020 at 11:56:22AM +0200, Takashi Iwai wrote: > On Thu, 07 May 2020 10:23:02 +0200, > Greg Kroah-Hartman wrote: > > > > On Thu, May 07, 2020 at 04:04:25PM +0800, butt3rflyh4ck wrote: > > > I report a bug (in linux-5.7-rc1) found by syzkaller. > > > > > > kernel config: > > >

Re: KASAN: use-after-free Write in snd_rawmidi_kernel_write1

2020-05-07 Thread butt3rflyh4ck
No, it's not. Regards, butt3rflyh4ck. On Thu, May 7, 2020 at 5:50 PM Takashi Iwai wrote: > > On Thu, 07 May 2020 09:54:34 +0200, > butt3rflyh4ck wrote: > > > > I report a bug (in linux-5.7-rc1) found by syzkaller. > > > > kernel config: > >

Re: KASAN: use-after-free Write in snd_rawmidi_kernel_write1

2020-05-07 Thread Takashi Iwai
On Thu, 07 May 2020 10:23:02 +0200, Greg Kroah-Hartman wrote: > > On Thu, May 07, 2020 at 04:04:25PM +0800, butt3rflyh4ck wrote: > > I report a bug (in linux-5.7-rc1) found by syzkaller. > > > > kernel config: > > https://github.com/butterflyhack/syzkaller-fuzz/blob/master/v5.7.0-rc1.config > >

Re: KASAN: use-after-free Write in snd_rawmidi_kernel_write1

2020-05-07 Thread Takashi Iwai
On Thu, 07 May 2020 09:54:34 +0200, butt3rflyh4ck wrote: > > I report a bug (in linux-5.7-rc1) found by syzkaller. > > kernel config:  > https://github.com/butterflyhack/syzkaller-fuzz/blob/master/v5.7.0-rc1.config > reproducer:  >

Re: KASAN: use-after-free Write in snd_rawmidi_kernel_write1

2020-05-07 Thread Greg Kroah-Hartman
On Thu, May 07, 2020 at 03:54:34PM +0800, butt3rflyh4ck wrote: > I report a bug (in linux-5.7-rc1) found by syzkaller. > > kernel config: > https://github.com/butterflyhack/syzkaller-fuzz/blob/master/v5.7.0-rc1.config > reproducer: >

Re: KASAN: use-after-free Write in snd_rawmidi_kernel_write1

2020-05-07 Thread Greg Kroah-Hartman
On Thu, May 07, 2020 at 04:04:25PM +0800, butt3rflyh4ck wrote: > I report a bug (in linux-5.7-rc1) found by syzkaller. > > kernel config: > https://github.com/butterflyhack/syzkaller-fuzz/blob/master/v5.7.0-rc1.config > reproducer: >

KASAN: use-after-free Write in snd_rawmidi_kernel_write1

2020-05-07 Thread butt3rflyh4ck
I report a bug (in linux-5.7-rc1) found by syzkaller. kernel config: https://github.com/butterflyhack/syzkaller-fuzz/blob/master/v5.7.0-rc1.config reproducer: https://github.com/butterflyhack/syzkaller-fuzz/blob/master/repro.cprog I tested the reproducer in linux-5.7-rc4 and it crashes too. crash