Displaying 4 results from an estimated 4 matches for "debugfs_read".
2013 Jul 19
1
[PATCH 03/10] virtio: console: clean up port data immediately at time of unplug
...gt; use-after-free if user access debugfs after kfree().
> It is removed before kfree() -- kfree() is called in remove_port(),
> which is called when all the references are dropped. (Did you confuse
> kfree(port->name) with kfree(port)?)
Nope. Looks like port->name were accessed in debugfs_read()?
>
> Thanks,
>
> Amit
2013 Jul 19
1
[PATCH 03/10] virtio: console: clean up port data immediately at time of unplug
...gt; use-after-free if user access debugfs after kfree().
> It is removed before kfree() -- kfree() is called in remove_port(),
> which is called when all the references are dropped. (Did you confuse
> kfree(port->name) with kfree(port)?)
Nope. Looks like port->name were accessed in debugfs_read()?
>
> Thanks,
>
> Amit
2013 Jul 19
2
[PATCH 03/10] virtio: console: clean up port data immediately at time of unplug
On 07/19/2013 04:16 AM, Amit Shah wrote:
> We used to keep the port's char device structs and the /sys entries
> around till the last reference to the port was dropped. This is
> actually unnecessary, and resulted in buggy behaviour:
>
> 1. Open port in guest
> 2. Hot-unplug port
> 3. Hot-plug a port with the same 'name' property as the unplugged one
>
>
2013 Jul 19
2
[PATCH 03/10] virtio: console: clean up port data immediately at time of unplug
On 07/19/2013 04:16 AM, Amit Shah wrote:
> We used to keep the port's char device structs and the /sys entries
> around till the last reference to the port was dropped. This is
> actually unnecessary, and resulted in buggy behaviour:
>
> 1. Open port in guest
> 2. Hot-unplug port
> 3. Hot-plug a port with the same 'name' property as the unplugged one
>
>