Re: [PATCH] Devcoredump: fix use-after-free issue when releasing devcd device

From: Greg KH
Date: Tue Oct 31 2023 - 09:02:50 EST


On Tue, Oct 31, 2023 at 06:16:08PM +0530, Mukesh Ojha wrote:
>
>
> On 10/31/2023 2:29 PM, Johannes Berg wrote:
> > On Tue, 2023-10-31 at 16:29 +0800, Yu Wang wrote:
> > >
> > > In this case, the device is temporarily added for dump only, so we need to
> > > delete it when dump is completed.
> > > The other users don't add/delete the device like this.
> >
> > For good reason, I guess? I think this is probably a bad idea.
> >
> > The whole point of this was to actually know which device created the
> > coredump? If you make one up on the fly that's ... pointless? Surely you
> > must have _some_ device that already exists?
>
> Passing device name to user space looks to be the reason.

Wait, again, why are you creating a fake device just to dump data?
That's not what this api is for at all, why are you abusing it in ways
it was not designed to be used?

And I will strongly argue, that if no in-kernel users are having
problems, perhaps it is your out-of-tree code?

Unless you can show any in-kernel user of this triggering the issue, I
don't think there's anything we need to do here, do you?

thanks,

greg k-h