Re: [PATCH] NFC: NULL out the dev->rfkill to prevent UAF

From: Krzysztof Kozlowski
Date: Wed Apr 13 2022 - 05:40:00 EST

Next message: Peter Zijlstra: "Re: [PATCH v2 03/12] cxl/core: Refactor a cxl_lock_class() out of cxl_nested_lock()"
Previous message: cgel . zte: "[PATCH] wlcore: vendor_cmd: use pm_runtime_resume_and_get instead of pm_runtime_get_sync"
In reply to: Lin Ma: "[PATCH] NFC: NULL out the dev->rfkill to prevent UAF"
Next in thread: patchwork-bot+netdevbpf: "Re: [PATCH] NFC: NULL out the dev->rfkill to prevent UAF"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 12/04/2022 07:32, Lin Ma wrote:
> Commit 3e3b5dfcd16a ("NFC: reorder the logic in nfc_{un,}register_device")
> assumes the device_is_registered() in function nfc_dev_up() will help
> to check when the rfkill is unregistered. However, this check only
> take effect when device_del(&dev->dev) is done in nfc_unregister_device().
> Hence, the rfkill object is still possible be dereferenced.
>

Reviewed-by: Krzysztof Kozlowski <krzysztof.kozlowski@xxxxxxxxxx>

Best regards,
Krzysztof

Next message: Peter Zijlstra: "Re: [PATCH v2 03/12] cxl/core: Refactor a cxl_lock_class() out of cxl_nested_lock()"
Previous message: cgel . zte: "[PATCH] wlcore: vendor_cmd: use pm_runtime_resume_and_get instead of pm_runtime_get_sync"
In reply to: Lin Ma: "[PATCH] NFC: NULL out the dev->rfkill to prevent UAF"
Next in thread: patchwork-bot+netdevbpf: "Re: [PATCH] NFC: NULL out the dev->rfkill to prevent UAF"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]